Session Expired

Your session has expired. Please sign in again to continue where you left off.

Sign In Again
Free Download — 25-Page PDF

High-Risk AI Systems 50-State Reference Guide

Every state's definition of "high-risk AI" compared side by side. Developer and deployer obligations, NIST AI RMF safe harbors, and federal preemption analysis — all fact-checked from official sources.

What Is a "High-Risk AI System"?

A high-risk AI system is any AI technology that makes or substantially influences consequential decisions about individuals — in areas like employment, lending, insurance, housing, healthcare, education, and criminal justice. The concept originates from the EU AI Act's tiered classification framework, which has heavily influenced U.S. state legislation.

Colorado's AI Act (SB 24-205, effective June 2026) provides the most detailed U.S. definition: an AI system is "high-risk" if it makes or is a substantial factor in making a "consequential decision" — defined as decisions affecting education, employment, financial or lending services, essential government services, healthcare, housing, insurance, or legal services. Developers must provide documentation, and deployers must implement risk management programs and conduct impact assessments.

Currently, 539 published AI bills on AI Laws by State reference high-risk AI classifications. The guide below maps every state's approach, compares definitions side by side, explains obligations for both AI developers and deployers, and covers NIST AI RMF safe harbor provisions that may reduce compliance burden.

Get the Free Guide

We’ll email the PDF to you instantly.

Check your inbox

The PDF has been sent to . It should arrive within a minute.

What’s Inside the Guide

25 pages of high-risk AI compliance guidance, fact-checked from official sources

State Definitions Compared

Colorado, Texas, California, Illinois, Connecticut, Utah, and more — every state's approach to classifying high-risk AI.

Colorado Deep-Dive

The most comprehensive U.S. framework: 8 consequential decision categories, developer/deployer duties, exemptions.

Developer vs. Deployer

Side-by-side comparison of what developers must do vs. what deployers must do in each state.

Safe Harbors & Defenses

NIST AI RMF and ISO 42001 as affirmative defenses — which states recognize them and how to document compliance.

Penalties & Enforcement

Penalty matrix across all states with enforcement authority, cure periods, and private right of action.

Federal Preemption Analysis

Trump EO, proposed state AI moratorium, and what it means for your compliance strategy.

Every fact cited to official government sources and authoritative legal analysis. Research covers enacted laws only — no proposed bills. Current as of May 2026. Reviewed against primary legislative texts, state agency publications, and top-tier law firm analysis.

This checklist is provided for informational purposes only and does not constitute legal advice. Consult with qualified legal counsel for compliance guidance specific to your organization. © 2026 AI Laws by State LLC. 1309 Coffeen Avenue STE 1200, Sheridan, Wyoming 82801.