Colorado SB 205 takes effect June 30, 2026

Build the AI governance program your organization actually needs.

Colorado’s AI Act creates a new standard for how companies deploy AI responsibly. Human AI Partners helps organizations meet that standard with well-designed governance infrastructure — and build the internal culture to make it lasting.

Schedule a Readiness Assessment → See Our Services
Colorado AI Act Effective Date

days

until SB 205 takes effect — time to prepare well

1st

Comprehensive state AI law in the U.S.

90 days

Response window for AG documentation requests

Annual

Impact assessments required per system

50+

FTE threshold for full obligations

WHAT WE DO

Compliance. Adoption. Research.

Responsible AI governance, meaningful technology adoption, and rigorous research into how people experience AI at work. Three practices that strengthen each other — and strengthen the organizations we work with.

SB 205 Compliance

Full-scope implementation of Colorado’s AI Act — from initial system classification through ongoing governance. The statute explicitly authorizes third-party delivery of impact assessments. We produce the documented compliance program that earns your organization the affirmative defense.

  • Readiness assessments and AI system classification
  • Impact assessments (the statute explicitly authorizes third-party delivery)
  • Risk management policy and governance program design
  • Consumer notice and appeal process development
  • Vendor documentation review and gap analysis
  • Annual compliance refresh and AG-readiness records
Start with a readiness assessment →

AI Adoption & Culture Change

Enterprise AI investments produce measurable returns only when employees integrate the tools into daily workflows. A training event cannot accomplish that. A sustained community of practice — with behavioral measurement, peer accountability, and structured experimentation — can.

  • 12-week community-of-practice cohort programs
  • Behavioral baseline and outcome measurement
  • AI Experiment framework for real workflow integration
  • Manager coaching on AI tool encouragement and recognition
  • Adoption health diagnostics with hard usage data
Talk to us about adoption →

The Human AI Index

A longitudinal panel study tracking how professional women experience AI adoption across multiple years — the only dataset of its kind. University-partnered methodology produces the evidence base that corporate sponsors, policymakers, and researchers cannot find elsewhere.

  • Annual panel survey tracking 7 core constructs
  • University-partnered methodology with IRB oversight
  • Corporate benchmarking reports for enrolled organizations
  • Sponsor-tier access to full data and analyst briefings
  • Published findings that drive industry conversation
Become a founding sponsor →
WHY HUMAN AI PARTNERS

Where legal guidance meets organizational reality.

Your attorneys interpret the statute. A software platform can template documentation. The work that sits between — designing governance structures with your stakeholders, writing policy in your organizational language, training employees on new processes — is where compliance becomes capability.

  • Colorado-native practice — Built in the state where the law applies, embedded in the business community it affects, and connected to the legal firms already advising your organization.
  • Statutory authorization — SB 205 §6-1-1703(3)(a)(I) explicitly provides for impact assessments completed by “a third party contracted by the deployer.” Our deliverables produce a legally cognizable compliance record.
  • Research, governance, and learning design under one roof — Compliance assessments require behavioral research rigor. Governance programs require organizational consulting depth. Employee adoption requires learning design expertise. We staff all three internally.
  • From regulatory milestone to organizational capability — Every compliance engagement reveals how an organization actually makes decisions with AI. That clarity becomes the foundation for a governance culture that creates lasting value well beyond any single regulation.

Companies that discover and cure violations — through user feedback, adversarial testing, or internal review — earn a rebuttable presumption of compliance. A documented governance program, especially one developed with third-party expertise, creates the strongest possible foundation for that defense.

Based on the Affirmative Defense provision, Colorado SB 24-205

78%

of organizations now use AI in at least one business function

23%

can quantify the productivity gains with hard data

HOW WE WORK

A clear path from assessment to governance

Each phase produces documented outcomes that strengthen your compliance posture. Each phase builds the foundation for the next — and for the organization you’re becoming.

1

Readiness Assessment

A complete inventory of your deployed AI systems, classification against the statutory high-risk threshold, and a gap analysis mapping your current posture to each of the five deployer obligations.

Includes AI system inventory, high-risk classification decision tree, vendor documentation review, gap analysis against all five deployer obligations, and a prioritized remediation roadmap. Delivered in 4–6 weeks.

2

Policy & Assessment Delivery

Written risk management policy mapped to the NIST AI Risk Management Framework, impact assessments for each qualifying system, consumer notice templates, appeal processes, and public transparency statement.

Every document is calibrated to your size, complexity, and AI portfolio — mapped to the NIST AI Risk Management Framework. Consumer notice templates, appeal and data correction processes, and employee training materials included.

3

Governance Retainer

Responsible AI governance is continuous — annual assessment refreshes, deployment reviews, regulatory monitoring, and evolving best practices. The retainer ensures your program grows with your organization.

Annual impact assessment updates, systematic deployment reviews, AG regulatory monitoring with client alerts, 3-year records archive maintenance, and incident response protocol with structured AG notification support.

ABOUT US

Rooted in the Women in AI of Colorado community

Human AI Partners grew out of WinAI — a practitioner network of professional women working with AI in Colorado organizations. Years of facilitated peer learning, real-world experimentation, and direct observation of how AI adoption succeeds and fails inside companies.

That practitioner base is the foundation of the firm. It informs how we design governance programs, how we structure adoption interventions, and why our compliance work accounts for organizational behavior — not just regulatory checklists.

Precision in scope

Engagements are scoped to what the statute requires of your specific organization — no more, no less. Honest assessment prevents both under-preparation and over-spend.

Living governance

A compliance program is an organizational system — defined processes, assigned personnel, review cadences, incident protocols — not a static document archive.

Jurisdiction-specific depth

SB 205 is the first comprehensive state AI law in the United States. Our practice is built entirely around its requirements and the Colorado regulatory environment.

Equity as methodology

SB 205 was written to address algorithmic discrimination in consequential decisions. Our assessment methodology centers that concern — it is not an afterthought in the compliance checklist.

Our Team

JY

Julie Young

Assessment Methodology & Research

HCI researcher and behavioral scientist. Assessment framework architecture, NIST AI RMF interpretation, algorithmic discrimination risk analysis, and principal investigator for the Human AI Index longitudinal study.

CC

Cynthia Coulbourne

Governance & Client Strategy

Enterprise consultant and sustainability strategist. Stakeholder interviewing, governance structure design, organizational policy development, and client engagement management across all phases.

SA

Susan Adams

Learning Design & Adoption

Curriculum architect and adult learning specialist. Employee training programs, consumer notice and plain-language communication design, and the community-of-practice methodology that drives measurable behavior change in AI adoption engagements.

INSIGHTS

Analysis & perspective

Original analysis of Colorado’s AI regulatory landscape, enterprise adoption patterns, and the organizational implications of algorithmic governance.

Regulatory Analysis

The Affirmative Defense Is the Entire Point of SB 205 Compliance

Most coverage of Colorado’s AI Act focuses on what companies must do. The more consequential question is what happens when they can prove they did it. A close reading of the statute’s affirmative defense provision and its implications for compliance program design.

April 2026

Enterprise AI

Why 70% of Your Copilot Licenses Are Sitting Idle — and What the Research Says About Fixing It

The enterprise AI adoption gap is not a training problem. Longitudinal research on communities of practice, behavioral measurement, and the structural reasons why knowledge transfer events fail to produce sustained workflow change.

April 2026

Policy

SB 205’s Small Company Exemption Is Narrower Than You Think

The exemption for companies under 50 FTE eliminates only three of the five deployer obligations. Consumer notice requirements and incident reporting apply regardless of size. What the carve-out actually says, parsed section by section.

April 2026

ENGAGEMENT PROFILES

Representative scenarios

Illustrative engagement structures based on the SB 205 obligations that apply to common Colorado industry profiles. Published case studies from completed engagements will appear here as they become available.

Financial Services

Regional bank deploying AI credit scoring and fraud detection

Multiple high-risk AI systems across lending, underwriting, and fraud prevention. Each system triggers independent impact assessment obligations. Consumer notice requirements apply to every adverse credit decision influenced by AI.

  • Phase 1: AI system inventory across 4 business lines, high-risk classification, vendor documentation gap analysis
  • Phase 2: Per-system impact assessments, enterprise risk management policy, adverse decision notice templates, appeal process design
  • Phase 3: Annual assessment refresh, regulatory monitoring, records maintenance, incident response protocol
Healthcare

Health system using AI clinical decision support and administrative eligibility tools

AI-assisted triage, treatment recommendations, and insurance eligibility determinations each constitute consequential decisions under the statute. Patient-facing notice requirements intersect with existing HIPAA communication protocols.

  • Phase 1: Clinical and administrative AI inventory, consequential decision mapping, existing compliance overlay analysis
  • Phase 2: Impact assessments integrated with existing risk frameworks, patient notice design, staff training on new disclosure obligations
  • Phase 3: Ongoing monitoring, annual reviews coordinated with existing compliance calendar, AG-readiness documentation
Mid-Market Employer

200-person company using AI in hiring, performance management, and customer service

HR screening tools, performance review AI, and customer-facing chatbots each trigger different SB 205 obligations. Employment decisions carry the highest discrimination risk profile. The governance program must span three functional areas with different stakeholders.

  • Phase 1: Cross-functional AI inventory, HR system risk prioritization, vendor documentation requests
  • Phase 2: Consolidated risk management policy, per-system assessments, employee and candidate notice templates, appeal workflow design
  • Phase 3: Annual refresh, AI system change monitoring, employee training updates, governance committee support
RESOURCES

Published Analysis & Tools

Plain-language analysis of SB 205 requirements, self-assessment instruments, and original research on AI adoption in Colorado organizations.

Free Assessment

SB 205 Readiness Checklist

A one-page self-assessment: Is your company subject to the Colorado AI Act? Which of your systems qualify as high-risk? Are you ready for June 30? Five minutes to find out.

Download the checklist →
Guide

What Does a Compliant AI Impact Assessment Actually Contain?

The seven required elements of an SB 205 impact assessment, translated from statutory language into plain English. What you need to produce and why it matters.

Read the guide →
Research

AI Adoption Health Check

Ten questions that reveal whether your AI investment is generating returns or gathering dust. Scored output across five adoption health dimensions. Free for Colorado businesses.

Take the health check →

The organizations that lead on AI governance will define the standard.

Colorado is setting the pace for responsible AI in the United States. The companies that invest in thoughtful governance programs now are building something more valuable than compliance — they are building trust.

GET STARTED

Begin with a conversation

For organizations

Most engagements begin with a readiness assessment — a structured evaluation of your AI systems, their classification under the statute, and a clear roadmap for building your governance program. Typical timeline is four to six weeks. If your current posture is already strong, the assessment will confirm that.

For referring counsel

You advise on the regulatory exposure. We implement the compliance program — impact assessments, governance infrastructure, employee training, and ongoing records management. A collegial referral arrangement structured to serve your client’s interests.

Request a conversation