HR and people operations: where employee data meets AI on a meter

HR functions sit on a unique kind of data. Performance reviews. Compensation history. Promotion decisions. Engagement survey responses. Exit interviews. Internal investigation records. Manager feedback. Compensation benchmarking. Career planning conversations. All of it intensely personal, all of it legally sensitive, all of it accumulating year after year as the company grows.

In the past few years, HR functions have layered AI into nearly every part of this stack. Engagement surveys get analyzed for themes. Performance reviews get summarized for HRBPs. Exit interviews get clustered for retention insights. Internal investigations get drafted. Policy questions get answered. Career planning gets personalized.

The bill is real but moderate. The privacy implications are extreme. The local-SLM case for HR is — more than almost any other workload in this series — about who gets to see the data, not about who pays for the inference.

The math

A representative midmarket company with two thousand employees generates a meaningful volume of HR AI workload.

Annual performance reviews: two thousand reviews, each analyzed and summarized. Engagement surveys: quarterly surveys producing eight thousand responses per year, each categorized and clustered. Exit interviews: maybe two hundred per year, each summarized. Internal policy Q&A: a few thousand questions per year from employees and managers. Manager feedback summarization: tens of thousands of items per year. Investigation drafting: small in count but high in token volume per item.

A reasonable aggregate is a few hundred thousand AI operations per year across the HR function. At a representative cost of $0.020 per operation (HR workloads tend to be moderately heavy on token count because they include lots of free-text content), the total is somewhere around $5,000 per year for this company.

At larger enterprises — twenty thousand employees — the bill scales to $50,000 to $100,000 per year. Larger still and the numbers grow further. These aren't enormous figures.

But the cost is not the interesting story for HR.

The privacy story is the whole argument

Employee data is uniquely sensitive in ways that other operational data is not.

It is intensely personal. Performance reviews contain detailed assessments of an individual's strengths and weaknesses. Compensation data reveals economic relationships. Engagement survey responses are often submitted with an explicit promise of anonymity. Exit interviews include candid criticism of managers, teams, and the company. Internal investigations include allegations and counter-allegations that may or may not be substantiated.

It is legally protected in specific ways. Employment-related data is covered by multiple frameworks — anti-discrimination laws, employee privacy laws, works council agreements in European jurisdictions, sectoral protections in some industries. The legal exposure of mishandling employee data is significant.

It is reputationally explosive. The disclosure that a company sends employee performance data, engagement survey responses, or exit interview content to a third-party cloud LLM lands differently than the disclosure that it sends, say, expense report data to the same provider. Employees expect a different posture on data about them than they expect on data about the business.

It is culturally important. The implicit promise HR makes to employees — "this information is handled appropriately" — is a foundational element of trust between the company and the workforce. Architectures that compromise that promise damage the culture in ways the company finds out about later.

For all these reasons, the local-inference architecture isn't optional in HR. It is the architecture that aligns with what HR is supposed to do.

Why this is structurally a local-SLM case

The standard properties are present. The privacy ones are at the extreme of any workload we've covered.

The work is narrow. The model needs to know one company's specific HR processes, performance review framework, engagement survey instruments, and policy documents. A model fine-tuned on the company's own HR corpus outperforms a general model.

The work is repetitive in structure. Performance reviews follow predictable patterns. Engagement responses cluster into predictable themes. Policy questions follow predictable categories. Specialization compounds.

The privacy is structural. As above.

The brand-voice and tone story matters. HR communications need to sound like the company. A general model produces generic HR text. A fine-tuned model produces communications that match the company's actual voice with employees.

The audit trail story matters acutely for investigations. When an AI helps draft an internal investigation summary, the trail of what the model considered and chose is potentially material evidence. A local model that produces structured logs is operationally superior to a cloud LLM whose decision process is opaque.

What changes with local inference

An HR AI workflow on a local SLM looks like this.

A model is fine-tuned on the company's HR corpus — historical performance reviews, engagement responses, policy documents, communication templates. The fine-tuning happens in a controlled environment that respects the data sensitivity.

The model runs on infrastructure HR controls — typically a server in the HR or HRIS environment, with access restricted to HR users and audit-logged to a level that satisfies compliance.

Employee data flows through the inference pipeline only within the HR security boundary. The model produces summaries, drafts, and analyses. The data never crosses to a third-party cloud LLM.

The privacy promise to employees is preserved. The explicit anonymity of engagement surveys remains intact. The legally privileged nature of investigation content remains intact. The cultural trust that HR represents is reinforced rather than eroded.

The cost flips from per-operation to fixed. Workforce growth doesn't scale the AI bill.

When the cloud LLM is still acceptable

A narrow set of cases.

For workflows operating on fully anonymized data — aggregated engagement statistics, role-level compensation benchmarking against external data — the data sensitivity is lower, and the cloud LLM may be acceptable for the specific operation.

For workflows that are HR-adjacent rather than HR-core — say, recruiting communications drafted with publicly-known candidate information, or external employer branding content — the privacy posture is closer to marketing than to HR.

For very small companies without the infrastructure to deploy local inference, the cost-benefit may not pay back. The cloud LLM is acceptable at small scale, with appropriate care.

For the bulk of core HR work — performance reviews, engagement, exit interviews, investigations, internal communications — the local-SLM case is structurally strong, and the privacy case is closer to mandatory than to optional.

The pattern, in people operations

Avery NXR is a Next.js scaffolding tool. It is not an HR tool. The architectural pattern repeats, with the privacy dimension dominating.

HR AI is a narrow, repetitive, moderate-volume, extreme-privacy workload. The cost story is real but secondary. The privacy story is the whole argument — and it points at local inference with unusual force.

The HRIS vendors and HR-specific AI tools that build on local infrastructure — with appropriate fine-tuning, controlled deployment, and evidence packages that satisfy works councils, employee representatives, and legal teams — will own the institutional HR AI market. The cloud-LLM-default products are operating against the grain of what HR is supposed to mean.

The pattern continues. HR is one of the workflows where the architectural choice signals what the company believes about its relationship with its employees. Companies that move to local inference are signaling that the implicit promise to employees still matters. Companies that don't are sending a different signal — one their employees will, eventually, hear.