Summary
Establishes a statewide, risk-based governance framework for AI used by Kentucky government; directs the Commonwealth Office of Technology to set and enforce standards; creates an AI Governance Committee; requires disclosure of public‑sector AI use and employee training; and adds synthetic‑media disclosure/cause-of-action provisions. Includes emergency provisions.
Healthcare Implications
State health agencies must adopt AI standards for eligibility, program integrity, surveillance, and other AI‑enabled systems, with inventories, privacy/security controls, human oversight, and disclosures where applicable. Procurements for AI tools will likely require compliance attestations.
Operational Implications
- Human review required for consequential AI-driven decisions.
- Public disclosure when AI is used in decision-making affecting citizens.
- Anti-discrimination documentation; data security/privacy; employee education and training.
- Centralized registry of AI systems maintained by COT.
- State agencies must obtain COT approval before implementing AI systems (pre-deployment approval gate).
- COT establishes AI policy standards aligned with NIST and ISO benchmarks; AI Governance Committee within COT.