Skip to main content
NOPE
Enacted Law AI Safety

Colorado AI Act

Colorado Artificial Intelligence Act (SB 24-205)

Colorado law regulating automated decision-making technology (ADMT) that materially influences consequential decisions in areas such as employment, housing, healthcare, financial services, and insurance. SB 26-189 repealed and replaced the 2024 Colorado AI Act framework, narrowing both scope and obligations.

Jurisdiction

Colorado

Enacted

May 17, 2024

Effective

Jan 1, 2027

Enforcement

Colorado Attorney General (exclusive; no private right of action)

Original 2024 Act (SB 24-205) repealed and re-enacted by SB 26-189, signed by Governor Polis May 14, 2026. New ADMT framework effective January 1, 2027; AG rulemaking began on signature.

Colorado Legislature (SB 26-189)

Why It Matters

Template for US state AI regulation. "Consequential decisions" scope captures employment, healthcare, financial services — high-stakes contexts.

Recent Developments

SB 26-189, signed by Governor Polis May 14, 2026, repealed and replaced the 2024 Colorado AI Act. It reframes the law around automated decision-making technology, removes the duty of care, algorithmic impact assessments, and risk-management program requirements, and substitutes four duties: AI-interaction notice, disclosure within 30 days of an adverse outcome, data correction on request, and meaningful human review. Effective January 1, 2027.

At a Glance

Applies to

Automated Decision SystemRecruitment AICredit ScoringHealthcare AI

Harms addressed

Discrimination

Who Must Comply

  • Developers of high-risk AI systems
  • Deployers using AI for consequential decisions in: employment, education, financial services, healthcare, housing, insurance, legal services, government services

Obligations fall on:

Safety Provisions

  • Notify individuals when they interact with an automated decision-making system
  • Disclose to consumers within 30 days of an adverse outcome of an ADMT-influenced consequential decision
  • Correct inaccurate personal data used by the system on request
  • Provide meaningful human review and reconsideration of adverse outcomes

Compliance & Enforcement

Key Dates

Jan 1, 2027

ADMT framework obligations take effect

Penalties

Penalties pending regulatory determination

View on map

Colorado

Focus Areas

Algorithmic accountability

Cite This

APA

Colorado. (2024). Colorado Artificial Intelligence Act (SB 24-205).

Related Regulations

Proposed US-CO

CO AI Psychotherapy Restrictions

Prohibits licensed mental health professionals from using AI to detect emotions, generate treatment plans without clinician review, or directly interact with clients therapeutically. Allows AI for administrative support with consent.

Pending US-CO

CO AI Healthcare Act

Regulates mental health companion chatbots and AI use in healthcare utilization review. Declares AI providers engage in unauthorized practice of psychotherapy if their chatbot misrepresents credentials, uses reserved professional titles, delivers unsupervised psychotherapy, or fails to disclose it is not human. Separately requires AI-driven insurance utilization review to consider individual clinical circumstances rather than solely group data.

Enacted US-NY

NY RAISE Act

Requires large AI developers of frontier models operating in New York to create safety protocols, report critical incidents within 72 hours, conduct annual reviews, and undergo independent audits. Creates dedicated DFS office funded by developer fees.

In Effect US-TX

TX Healthcare AI Law

Requires healthcare practitioners using AI for diagnosis to review all AI-generated records and disclose AI use to patients. Mandates EHR data localization (Texas patient data must be physically stored in US). Applies to covered entities and third-party vendors.

Pending US-LA

LA Healthcare AI Act

Regulates use of artificial intelligence by healthcare providers in Louisiana. Permits AI for administrative tasks but prohibits AI from making treatment/diagnosis decisions without licensed professional review, directly interacting with patients on treatment matters, or generating therapeutic recommendations without professional approval.

Enacted US-MD

MD HB 895

First US state law to outright ban surveillance-based personalized pricing in food retail and third-party delivery, prohibiting use of protected class data and dynamic pricing tied to consumer personal data with limited exceptions for cost-based pricing, loyalty programs, and explicit consent.

All regulations Check if this applies to you

Last updated June 3, 2026. Verify against primary sources before relying on this information.