The emergence of the artificial intelligence (AI) tool Chat-GPT has created great excitement and unprecedented potential in various fields. Users are increasingly recognizing its benefits in aiding with work-related tasks and are incorporating it into their work routines. However, unconscious use of ChatGPT poses a risk to an organization if employees inadvertently disclose sensitive information. To date, there is a lack of research examining individuals' perceptions of the security and privacy implications of ChatGPT use in organizational contexts. To bridge this gap, this study examines employees' perceptions of security and privacy-related risks of using ChatGPT for work-related tasks and their strategies to mitigate these risks. Employing grounded theory, we conducted semi-structured interviews with 17 participants from 15 organizations across a range of professions and industries. Our findings indicate that employees have a general awareness of security and privacy-related risks, albeit with some uncertainties and misconceptions. While organizational guidelines for managing these risks are largely absent, participants describe that they employ self-determined strategies to avoid sharing sensitive data.