AI has been shaping our digital experiences for years. Netflix recommendations, fraud detection on your credit card, the search results that seem to read your mind. These weren’t new three years ago. What changed recently is that AI moved from running quietly in the background to sitting in your browser tab, answering your questions, drafting your emails, and surfacing patterns in your congregation’s giving and attendance data.
For most technology, that shift is interesting. For church technology, it raises questions that genuinely matter.
The data your church holds isn’t like a retail loyalty program. It includes pastoral care notes, counseling records, giving patterns that reflect real financial hardship or generosity, family situations shared in confidence, and prayer requests that people brought to your church because they had nowhere else to go. When AI has access to that kind of information, the standards for how it’s built and governed need to be proportionally higher.
The gap between intention and policy
The 2026 State of Church Technology Report, produced by Pushpay and Barna Group with responses from over 1,300 church leaders, found that 64% of church leaders believe it’s important for churches to have an established AI use policy. Only 5% actually have one.
That’s a significant gap, and it’s not unique to AI. Churches often operate with a general sense that certain values should govern their technology decisions, without those values ever getting translated into written policy. The consequence is that vendors fill the vacuum. If your church doesn’t have clear guidelines about how AI can and cannot use your members’ data, you’re effectively delegating that decision to whoever built the software you’re running.
Data privacy was the top AI-related concern among church leaders surveyed, with 83% reporting they are very or somewhat concerned. That concern is warranted. The question is what to do with it.
What “human in the loop” actually means
One phrase you’ll hear when responsible AI development is discussed: human-in-the-loop. It sounds like jargon. It isn’t.
AI outputs are probabilistic, which means the model produces the most likely correct answer based on patterns in its training data. That’s useful for a lot of tasks, but it also means the model can be confidently wrong.
For low-stakes tasks (drafting a first pass at a volunteer email, surfacing which members haven’t attended in 90 days), a confident wrong answer is a minor inconvenience. For decisions about pastoral follow-up, financial stewardship, or member status, it’s a problem.
Keeping humans in the loop means AI assists your decision-making rather than making decisions autonomously. When Pushpay’s AI people search helps you query your database in plain English (“families who gave on Easter but haven’t returned since”), it finds the people faster. What happens next is entirely your call. You read the names, you know the context, you decide who gets a personal phone call from the pastor and who gets added to a follow-up email sequence. The AI narrows the field. The human reads the situation.
That distinction matters more in ministry than in most other contexts.
Where church data goes — and where it doesn’t
This is the question most church leaders want a straight answer to, so here it is: church member data processed through Pushpay stays within Pushpay’s secure partner ecosystem. It is not used to train external AI foundation models, and any data that moves between systems does so only with appropriate protections applied.
Every AI response the platform generates passes through a sequential check. A safety step confirms no sensitive data is exposed. An accuracy step verifies the information falls within the tool’s known competency. A transparency step documents the reasoning behind the output. If any of those checks fail, the response is blocked and flagged for human review. It doesn’t get delivered with a disclaimer. It gets stopped.
Financial transactions are covered by PCI-DSS certification. Member records follow the same access permissions your team already has, so a staff member who can’t see confidential pastoral notes in your ChMS doesn’t gain access to them through an AI query.
The question worth asking your vendors
If you’re evaluating any technology that touches your congregation’s data, a few questions deserve direct answers. Who owns your members’ data? If the vendor’s terms of service grant them rights to use your data for model training or product improvement, that’s a policy decision your church should make explicitly, not by checking a box during onboarding.
What happens to member data if you cancel? Clear data deletion or portability policies matter, especially for churches with historical giving and engagement records going back years. And how are AI outputs validated? If the answer is “the model is highly accurate,” follow up: accurate for what tasks, and validated by whom?
These aren’t hostile questions. They’re what responsible technology stewardship looks like for an organization that holds the data it holds.
The part AI can’t do
No tool surfaces the context behind a number. Your ChMS can tell you that someone who gave weekly for two years stopped giving in January. Pushpay Insights can flag them as at-risk and add them to a list. What it can’t tell you is that their spouse was diagnosed with cancer in December, that they’re still attending but sitting in the back, and that what they need right now is a quiet call from someone they trust, not an automated re-engagement email.
AI in church technology earns its place by handling the administrative work that crowds out pastoral attention: the processing, sorting, flagging, querying, and drafting that consumes hours your staff would rather spend on actual ministry. The more of that load AI carries, the more room exists for the room-reading and relationship-building that no model will ever replicate.
The goal is ministry. AI earns its keep by clearing the overhead that crowds ministry out.
