The Outsiders’ Guide to Washington’s New AI Policy (DATA-04)

Washington adopted its statewide AI policy, DATA-04, on December 11, 2025. It is short, it is enforceable, and most of the people it affects have not read it. If you run or buy technology for a government agency in this state, here is what it actually requires, with the legalese boiled off.

One thing up front. DATA-04 binds state agencies under WaTech governance. Counties, cities, and special districts are not directly named. But it is already the reference standard everyone gets measured against, and the moment your work touches a state contract or a state data feed, these requirements come downhill at you anyway. Reading it as optional is a bet I would not make.

Know What You Have Before You Defend It

The first real obligation is an inventory. Agencies have to identify and document every AI-enabled application, and specifically flag the ones using generative AI, as part of the annual application certification they already do. You cannot govern what you have not catalogued, and “we are not sure what is using AI” is the answer that turns into an audit finding.

You also have to name an AI Contact. Not necessarily a technical role, but someone who actually knows what AI is running in the building. Then, before standing up anything new, you have to define the business outcome you expect and confirm the tool actually fits it. The policy is quietly telling agencies to stop buying AI because it is AI.

Risk Is the Whole Game

Sections 5 through 8 are the spine. Agencies must maintain a process to identify, assess, and manage AI risk and put controls in place sized to that risk. High-risk systems, including high-risk generative AI, get singled out: you determine high-risk status during any security design review or required risk assessment, and you complete a formal AI Risk Assessment before a high-risk system goes live.

“High-risk” is defined as anything that threatens a person’s health, safety, or fundamental rights. Think biometrics, employment decisions, health care, law enforcement, critical infrastructure, elections. If your AI makes or shapes a decision that lands on a citizen, assume you are in scope until you have proven otherwise.

Accuracy is not aspirational here. Generative output used in public communication or decision-making has to be reviewed, fact-checked, and edited for bias by an actual human. Then you monitor outputs on an ongoing basis, scaled to the risk level. Low risk gets a light touch. High risk gets watched.

The Parts That Will Trip People Up

Three requirements are going to generate the most pain because they touch people and contracts, not just architecture.

Training is mandatory for every employee, not just the IT shop. Basic AI literacy covering how AI works, common uses, ethical responsibilities, and automation bias has to happen within 60 days of onboarding and at least annually after that. That is a real recurring lift for any sizable workforce.

Data handling has teeth. You cannot drop non-public data into unlicensed AI tools without proper contracts. Sharing Category 3 or 4 data outside the agency requires a written data sharing agreement, and any vendor selling a high-risk generative AI system has to certify it runs an AI governance program aligned to the NIST AI Risk Management Framework. If your vendor cannot say that with a straight face, that is your signal.

And there is a flat prohibition: no using AI to clone a real person’s face, image, or voice without their knowledge and consent. Short, blunt, and a good idea.

The High-Risk Adoption Plan Is the Big One

If you deploy high-risk generative AI, Section 14 requires a written adoption plan, and it is a long list. Defined use cases and goals. Bias and disparate-impact controls. Environmental impact, including water and energy. Data quality standards. Measurable results. At least annual post-deployment monitoring. Opt-out rights for affected individuals, or a documented reason you cannot offer them. And a human-review path where due process is on the line. This is the section that separates a real deployment from a demo someone wired into production.

One last clause for union shops: if any part of an agency’s AI policy conflicts with a collective bargaining agreement, the CBA wins. Worth knowing before you write internal rules someone has already negotiated against.

Where This Leaves You

DATA-04 is not the wall it looks like. Most of it is inventory, risk assessment, monitoring, and documentation, the same disciplines that make AI work in the first place. The agencies that struggle will be the ones who bought the tool first and went looking for the governance later.

I build inside the FedRAMP-authorized GCC (Government Community Cloud) boundary and architect to NIST 800-171 and CMMC control objectives, which is most of this checklist by another name. I am a one-person veteran-owned small business, so when we talk you are talking to the engineer who does the work, not an account manager. If you are staring at this policy wondering where your AI inventory and risk posture actually stand, let’s talk.
