Does Connecticut regulate AI?

Yes, but only state agencies — not private businesses. Connecticut's enacted AI law, SB-1103 / Public Act 23-16 (signed June 7, 2023, effective July 1, 2023), imposes oversight on state agency use of AI and automated decision-making: agencies must conduct impact assessments before deploying AI systems, publish a public AI inventory, and submit annual reports to the state legislature's joint consumer-protection committee. The law does not regulate private-sector AI use. Efforts to enact a comprehensive private-sector AI governance statute — Senator James Maroney's SB-2 (modeled on Colorado SB-24-205) — have been introduced and advanced in the Connecticut Senate in the 2024 and 2025 sessions, but SB-2 did not pass the House in either session. As of April 2026, Connecticut private-sector AI use is governed by generally-applicable federal and state laws (consumer protection, data privacy under the Connecticut Data Privacy Act, civil rights statutes, sector-specific rules) rather than a dedicated AI statute. Monitor successor bills in the 2026 and 2027 Connecticut legislative sessions.

Does Colorado require AI impact assessments?

No longer. SB 26-189 (signed 2026-05-14) repealed and reenacted Colorado's AI Act, eliminating the impact-assessment requirement entirely. Colorado now instead requires deployers of automated decision-making technology (ADMT) to: give consumers clear interaction notice, disclose adverse consequential decisions within 30 days, allow correction of incorrect personal data, and provide meaningful human review and reconsideration. The statute formally takes effect 2026-08-12, but all compliance obligations — for deployers and developers alike — begin 2027-01-01.

Which states give consumers the right to appeal AI decisions?

Colorado's AI Act (SB 26-189, which repealed and reenacted SB 24-205) gives consumers meaningful human review and reconsideration after an adverse consequential decision made or substantially influenced by an automated decision-making technology (ADMT). Connecticut SB-1103 similarly provides the right to appeal adverse decisions made by high-risk AI systems and request human review.

What are Connecticut's high-risk AI system requirements?

Last verified: May 31, 2026

Answer

Connecticut does not currently impose high-risk AI system requirements on private-sector businesses. Connecticut's enacted AI law — SB-1103 / Public Act 23-16 (signed June 7, 2023, effective July 1, 2023) — regulates state agencies only: it requires agencies to complete AI impact assessments before deployment, maintain publicly-accessible AI inventories (including vendor, purpose, start date, and the extent to which the system replaces human judgment), and submit annual reports to the Connecticut General Assembly's joint consumer-protection committee. Private-sector firms are not covered. Senator James Maroney has repeatedly introduced a comprehensive high-risk AI deployer bill (SB-2) in the 2024 and 2025 sessions — modeled on Colorado SB-24-205, with risk assessments, governance policies, and incident reporting — but SB-2 passed the Senate and died in the House both sessions. Until a successor bill is enacted, Connecticut businesses should look to federal rules, sector-specific guidance (e.g., for insurance or healthcare), and neighboring-state law (e.g., Colorado's AI Act, SB 26-189, whose obligations begin January 1, 2027, which uses a disclosure-and-notice model rather than a high-risk assessment framework) when designing AI governance programs.

Applicable Regulations

SB-1103

An Act Concerning Artificial Intelligence, Automated Decision-Making and Personal Data Privacy (Public Act 23-16)

enacted

Public Act 23-16 — the enacted form of Connecticut SB-1103 (2023 session). Signed by Governor Ned Lamont on June 7, 2023, making Connecticut among the first states to impose oversight on state agency use of AI. Government-only scope: does NOT directly regulate private-sector AI. Requires state agencies to complete impact assessments before deploying AI systems, publish a public AI inventory, and submit annual reports to the joint standing consumer-protection committee. Sections 1–3 effective July 1, 2023; Section 4 effective October 1, 2023; Section 5 effective upon passage.

Key Requirements

State Agency AI Impact Assessments State agencies may not employ AI systems that have not undergone impact assessments or that result in unlawful discrimination or disparate impact against specified individuals or groups

Public AI Inventory All inventory reports detailing AI systems used by state agencies and the Judicial Department must be publicly accessible online, with the Department of Administrative Services making its inventories available on the state's open data site

Annual Consumer-Protection Report Annual report to the joint standing committee on consumer protection, due February 15 beginning 2025 and annually thereafter

Effective: 2023-07-01 Penalties: Oversight and enforcement through legislative reporting requirements. Agencies failing to comply face ongoing reporting obligations to the Connecticut General Assembly.

Full State Analysis

Connecticut AI Regulations

Where this lands operationally

Gridex turns the compliance or coverage question into operated workflow controls: intake, review points, audit trails, and the places a person stays in the decision.

Governed AI DeploymentRun AI inside real work with audit trails, human review points, and the operating controls underwriters and regulators expect.Managed Intake & QualificationCapture, qualify, and route incoming work with disclosure, consent, and human review built into the intake step.

Map This Workflow With Gridex

Use this research to identify the workflow, review points, and operating controls that would matter in your organization.

Map This Workflow With Gridex →