The Complete AI Compliance Checklist

Every regulation your AI deployment needs to satisfy — broken into actionable items. Use this as your starting point for AI governance, audit preparation, and vendor evaluation.

Why AI Compliance Matters

AI is not a compliance-free zone. Every regulation that governs your data today applies to AI systems that process that data. In many cases, regulators are interpreting existing rules more strictly for AI because the technology introduces new risk vectors: opaque decision-making, training data contamination, model drift, and third-party data exposure through cloud APIs.

The regulatory landscape for AI is accelerating. The HHS OCR issued specific AI guidance for HIPAA in 2024–2025. The EU AI Act took effect with tiered obligations based on risk classification. The NIST AI Risk Management Framework is being adopted by federal agencies and referenced in procurement requirements. State-level AI laws are emerging in Virginia, Washington, Connecticut, and California.

This checklist covers the major federal regulations that affect AI deployments in the United States. Each section includes actionable items you can verify, implement, and document. It is not legal advice — but it is a practical starting point for organizations that need to deploy AI responsibly.

Compliance Framework Overview

The table below maps each regulation to its key AI-specific requirements and the advantage of on-premise deployment for compliance.

Regulation Key AI Requirements On-Premise Advantage
HIPAA PHI protection, BAA for data processors, audit logging, Security Rule safeguards No BAA needed — no third-party data processor. Full control over audit controls and safeguards.
GLBA NPI protection, Safeguards Rule compliance, third-party risk management Eliminates third-party risk. NPI never leaves your controlled environment.
GDPR Data subject rights, DPIA, cross-border transfer restrictions, right to explanation Data never crosses borders. No data processor relationship. Full control over data subject requests.
SOC 2 Trust service criteria (security, availability, confidentiality, processing integrity) AI system falls within your existing SOC 2 scope. No separate vendor assessment needed.
CMMC 2.0 CUI protection, supply chain security, maturity level requirements AI system operates within your CMMC-controlled environment. No supply chain risk from AI vendor.
FERPA Student record protection, consent requirements, directory data controls Student data stays on campus. No third-party data processor. Full control over consent and access.

HIPAA Checklist

The Health Insurance Portability and Accountability Act governs the use and disclosure of Protected Health Information (PHI). When AI systems process PHI — patient records, clinical notes, lab results — they fall under HIPAA's Privacy Rule, Security Rule, and Breach Notification Rule.

PHI Handling

  • [ ] Data inventory — Document all PHI types processed by the AI system (clinical notes, lab results, imaging reports, demographics, billing data)
  • [ ] Minimum necessary — Confirm the AI system only accesses the minimum PHI necessary for its function
  • [ ] Business Associate determination — Determine whether the AI vendor is a business associate (on-premise deployment: not applicable)
  • [ ] BAA — Execute BAA with any third-party that processes PHI (on-premise: no BAA needed for the AI system itself)
  • [ ] De-identification — If using de-identified data for model training, apply the Safe Harbor method (18 identifiers) or Expert Determination method per 45 CFR 164.514

BAA Considerations

  • [ ] Vendor assessment — Review all AI vendors against business associate criteria
  • [ ] Subprocessor tracking — Map all subprocessors in the AI supply chain (cloud providers, analytics tools, logging services)
  • [ ] BAA terms — Verify BAA covers AI-specific use cases (model training, inference, data retention)

Audit Requirements

  • [ ] Audit controls — Implement mechanisms to record and examine activity in AI systems containing ePHI (45 CFR 164.312(b))
  • [ ] Log content — Logs must include user ID, timestamp, action performed, and PHI accessed
  • [ ] Log retention — Maintain audit logs for 6 years minimum (45 CFR 164.530(j))
  • [ ] Log integrity — Protect audit logs from unauthorized modification (append-only storage, tamper detection)
  • [ ] Periodic review — Conduct regular reviews of audit logs to detect unusual access patterns

Security Rule Safeguards

  • [ ] Access controls — Unique user identification, emergency access procedure, automatic logoff, encryption and decryption (45 CFR 164.312(a))
  • [ ] Integrity controls — Mechanisms to ensure ePHI is not improperly altered or destroyed (45 CFR 164.312(c))
  • [ ] Person authentication — Verify person seeking access is who they claim to be (45 CFR 164.312(d))
  • [ ] Technical safeguards — Access control, integrity, audit control, person or entity authentication
  • [ ] Physical safeguards — Facility access controls, workstation use, workstation security, device and media controls (45 CFR 164.310)
  • [ ] Administrative safeguards — Security management process, workforce security, information access management, security awareness and training, sanction policy, contingency plan (45 CFR 164.308)

GLBA Checklist

The Gramm-Leach-Bliley Act requires financial institutions to protect Nonpublic Personal Information (NPI). AI systems that process customer financial data, transaction histories, credit applications, or account information are in scope.

NPI Protection

  • [ ] Data classification — Classify all data processed by the AI system (NPI, aggregated data, public data)
  • [ ] Access controls — Restrict AI system access to personnel with legitimate business need
  • [ ] Data retention — Define and enforce data retention policies for AI-processed NPI
  • [ ] Encryption — Encrypt NPI at rest and in transit within the AI system
  • [ ] Disposal — Securely dispose of NPI when no longer needed by the AI system

Third-Party Risk

  • [ ] Vendor due diligence — Assess AI vendor's security practices, certifications, and incident history
  • [ ] Contractual safeguards — Include data protection, audit rights, and breach notification in vendor contracts
  • [ ] Ongoing monitoring — Monitor vendor compliance with contractual obligations
  • [ ] Exit strategy — Plan for secure data return or destruction when vendor relationship ends

Safeguards Rule Compliance (12 CFR Part 40)

  • [ ] Designated employee — Designate at least one employee to coordinate the safeguards program
  • [ ] Threat analysis — Identify reasonably foreseeable internal and external threats to NPI
  • [ ] Control measures — Implement administrative, technical, and physical safeguards
  • [ ] Service provider management — Take reasonable steps to select and retain service providers that implement safeguards
  • [ ] Testing and monitoring — Test and monitor effectiveness of safeguards program
  • [ ] Disposition — Dispose of consumer records securely
  • [ ] Program adjustments — Adjust safeguards program based on operations, changes in technology, or risk assessments
  • [ ] Reporting — Report on safeguards program to board of directors

GDPR Checklist

The General Data Protection Regulation applies to any organization processing personal data of EU data subjects, regardless of where the organization is located. AI systems processing EU citizen data — even as part of global deployments — trigger GDPR obligations.

Data Subject Rights

  • [ ] Right of access — Enable data subjects to obtain confirmation that their data is processed and access to that data
  • [ ] Right to rectification — Allow correction of inaccurate personal data in AI system inputs and outputs
  • [ ] Right to erasure — Implement processes to delete personal data from AI system inputs, vector stores, and logs
  • [ ] Right to restriction — Allow data subjects to restrict processing of their personal data
  • [ ] Right to data portability — Enable export of personal data in a structured, machine-readable format
  • [ ] Right to object — Allow data subjects to object to processing based on legitimate interests or direct marketing
  • [ ] Automated decision-making (Art. 22) — If AI makes decisions that produce legal or similarly significant effects, provide the right to human intervention

DPIA Requirements

  • [ ] DPIA trigger assessment — Determine if AI deployment requires a Data Protection Impact Assessment (systematic and extensive evaluation of personal data, large-scale processing, special category data)
  • [ ] DPIA documentation — Document systematic description, necessity and proportionality assessment, risk assessment, and measures to address risks
  • [ ] Consultation with supervisory authority — If DPIA indicates high risk that cannot be mitigated, consult the relevant supervisory authority before processing

Cross-Border Transfers

  • [ ] Transfer mechanism — If personal data is transferred outside the EEA, implement appropriate safeguards (Standard Contractual Clauses, Binding Corporate Rules, adequacy decision)
  • [ ] Transfer impact assessment — Assess whether the destination country's laws ensure an adequate level of protection
  • [ ] Supplementary measures — Implement technical (encryption) and organizational measures where destination country laws are insufficient

SOC 2 Checklist

Service Organization Control 2 reports evaluate controls against the AICPA Trust Services Criteria. Organizations with SOC 2 compliance (Type I or Type II) must ensure their AI systems fall within the audit scope and meet the applicable criteria.

Trust Service Criteria

  • [ ] Security (Common Criteria) — Protection against unauthorized access, both physical and logical. Network security, access controls, encryption, intrusion detection.
  • [ ] Availability — System availability per service level commitments. Redundancy, disaster recovery, incident response, uptime monitoring.
  • [ ] Processing Integrity — System processing is complete, accurate, timely, and authorized. AI output accuracy, data quality controls, error handling.
  • [ ] Confidentiality — Information designated as confidential is properly protected. Data classification, access controls, encryption, data retention and disposal.
  • [ ] Privacy — Personal information is collected, used, retained, disclosed, and disposed of in conformity with privacy commitments. Notice, choice, collection limits, use limitations, data quality, access, disclosure for lawful purposes, recourse, enforcement, accountability.

AI-Specific Controls

  • [ ] Model governance — Documented model selection, validation, and change management processes
  • [ ] Input validation — Controls to prevent prompt injection, data exfiltration, and unauthorized data access through the AI system
  • [ ] Output review — Processes for reviewing AI-generated outputs for accuracy, appropriateness, and compliance
  • [ ] Model drift monitoring — Ongoing monitoring of model performance and accuracy over time
  • [ ] Training data provenance — Documentation of training data sources, licensing, and quality controls

Audit Preparation

  • [ ] System description — Include AI system in the organization's system description for SOC 2 scope
  • [ ] Control design documentation — Document all controls applicable to the AI system
  • [ ] Operating effectiveness evidence — Collect evidence that controls operated effectively throughout the audit period
  • [ ] Remediation tracking — Track and remediate any control deficiencies identified during the audit

CMMC 2.0 Checklist

Cybersecurity Maturity Model Certification 2.0 applies to defense contractors handling Controlled Unclassified Information (CUI). AI systems that process CUI, support the defense supply chain, or are used in contract performance are in scope.

CUI Handling

  • [ ] CUI identification — Identify and mark all CUI processed by the AI system
  • [ ] CUI protection — Apply appropriate safeguards for CUI (encryption, access controls, audit logging)
  • [ ] CUI transmission — Ensure CUI is not transmitted outside authorized environments (on-premise AI eliminates this risk)
  • [ ] CUI disposal — Securely dispose of CUI processed by the AI system when no longer needed

Supply Chain Security

  • [ ] Supply chain risk assessment — Assess risks from AI system components (models, libraries, frameworks, hardware)
  • [ ] Component provenance — Verify the origin and integrity of all AI system components
  • [ ] Software Bill of Materials (SBOM) — Maintain an SBOM for all software components in the AI system
  • [ ] Open-source risk management — Assess and manage risks from open-source AI models and libraries
  • [ ] Vendor assessment — Evaluate AI vendors against CMMC requirements and DFARS 252.204-7012

Maturity Levels

  • [ ] CMMC Level 2 (Practice) — Implement 110 security controls from NIST SP 800-171 for CUI protection
  • [ ] CMMC Level 3 (Proficient) — Implement and manage 134 security controls from NIST SP 800-172 for FCI protection (where applicable)
  • [ ] AI system mapping — Map AI system controls to NIST SP 800-171 control families (Access Control, Awareness and Training, Audit and Accountability, Configuration Management, Identification and Authentication, Maintenance, Media Protection, Physical Protection, Risk Assessment, System and Communications Protection)

FERPA Checklist

The Family Educational Rights and Privacy Act protects the privacy of student education records. AI systems used by educational institutions that process student data — grades, attendance, disciplinary records, intellectual work — are subject to FERPA requirements.

Student Data Protection

  • [ ] Education record identification — Identify all education records processed by the AI system
  • [ ] Directory data controls — Separate directory data from non-directory data; honor opt-out requests for directory data disclosure
  • [ ] Consent management — Obtain written consent before disclosing personally identifiable information from education records (with FERPA exceptions)
  • [ ] Access controls — Restrict access to student education records to authorized personnel only
  • [ ] Data minimization — Process only the student data necessary for the AI system's educational purpose

Educational Records

  • [ ] Parent/student access — Enable parents (or eligible students) to inspect and review education records processed by the AI system
  • [ ] Amendment process — Provide a process for parents/students to request amendment of inaccurate or misleading records
  • [ ] Record of disclosures — Maintain a record of all disclosures of personally identifiable information from education records (except those made with consent or to school officials with legitimate educational interest)

Institutional Policies

  • [ ] Policy development — Develop and publish policies governing AI use with student data
  • [ ] Staff training — Train staff on FERPA requirements for AI system use
  • [ ] Annual notification — Notify parents/students annually of their FERPA rights and the institution's AI use policies
  • [ ] Vendor agreements — Ensure AI vendors meet FERPA's "school official" exception or obtain proper consent

General AI Governance

Beyond specific regulations, every AI deployment requires governance practices that address model risk, bias, explainability, and documentation. These practices are increasingly referenced in regulatory guidance and expected by auditors, regardless of industry.

Model Risk Management

  • [ ] Model inventory — Maintain a registry of all AI models in use, including purpose, inputs, outputs, and risk classification
  • [ ] Model validation — Validate model performance against defined metrics before deployment
  • [ ] Model monitoring — Continuously monitor model performance for drift, degradation, and unexpected behavior
  • [ ] Model versioning — Track model versions, updates, and rollback procedures
  • [ ] Model retirement — Define criteria and processes for retiring models that no longer meet performance or compliance standards

Bias Testing

  • [ ] Bias assessment — Test AI outputs for bias across protected characteristics (race, gender, age, disability, etc.)
  • [ ] Training data review — Assess training data for representation gaps and historical biases
  • [ ] Mitigation strategies — Implement techniques to reduce identified biases (re-weighting, adversarial debiasing, post-processing)
  • [ ] Ongoing monitoring — Monitor for bias emergence as models process new data over time

Explainability

  • [ ] Decision documentation — Document how AI systems arrive at specific outputs or recommendations
  • [ ] Source attribution — For RAG systems, provide source citations for retrieved information
  • [ ] Confidence scoring — Provide confidence scores or uncertainty estimates for AI outputs
  • [ ] Human oversight — Define when and how human review is required for AI-generated outputs

Documentation

  • [ ] System architecture documentation — Document the complete AI system architecture, including data flows, components, and integrations
  • [ ] Model cards — Create model cards describing each model's intended use, training data, performance metrics, and known limitations
  • [ ] Operational runbooks — Document procedures for operating, maintaining, and troubleshooting the AI system
  • [ ] Incident response plan — Develop an incident response plan specific to AI system failures, including hallucination incidents, data breaches, and model compromise

The On-Premise AI Compliance Advantage

On-premise AI deployment simplifies compliance across every regulation in this checklist. The common thread is the same: when your AI runs on your infrastructure, you control the data, you control the access, and you control the audit trail. There are no third-party data processors to assess, no subprocessor disclosures to parse, no cross-border data transfers to justify.

How On-Premise Simplifies Compliance

  • No business associate agreements — Under HIPAA, the AI vendor is not a business associate because it never receives PHI. The AI runs on your servers, in your data center, under your control.
  • No third-party risk assessments — Under GLBA Safeguards Rule, the AI system is part of your infrastructure, not a third-party service requiring separate vendor due diligence.
  • No cross-border transfers — Under GDPR, personal data never leaves your jurisdiction. No Standard Contractual Clauses, no transfer impact assessments, no adequacy decisions to track.
  • Single SOC 2 scope — The AI system falls within your existing SOC 2 audit scope. No separate vendor SOC 2 report to review, no supplementary questions to answer.
  • CUI stays in your environment — Under CMMC, CUI processed by the AI system never leaves your controlled environment. No supply chain risk from AI vendor subprocessors.
  • Student data stays on campus — Under FERPA, student education records processed by the AI system remain within the institution's infrastructure. No disclosure to outside parties.

The on-premise advantage isn't just about avoiding regulatory complexity. It's about having a defensible position when auditors, examiners, or regulators ask: "Show us exactly where your data goes, who can access it, and how you know it's secure." With on-premise AI, you can show them the servers, the network diagrams, the access logs, and the encryption keys — because they're all yours.

Next Steps

Use this checklist as a living document. Work through each section with your compliance, legal, and IT teams. Identify gaps, assign owners, and track remediation. For organizations deploying AI on their own infrastructure, many of these items are already satisfied by existing controls — the key is documenting the alignment.

BPI helps organizations navigate AI compliance as part of our Privacy-First AI engagements. We design AI architectures that satisfy your regulatory requirements from day one, not as an afterthought. Our Zero Data Touch model means we build on your infrastructure without creating additional compliance obligations. Learn more about what we do across industries or book a consultation to discuss your compliance requirements.

Related Resources

Need Help Navigating AI Compliance for Your Organization?

Book a free 30-minute consultation. We'll discuss your regulatory requirements, your data environment, and how on-premise AI simplifies compliance. No pressure. No pitch deck.

Book a Free Consultation

No commitment. No sales pitch. Just a conversation. We respond within 24 hours.