Preparing for AI in Government Contracts
I make no bones about my personal and professional use of AI tools, about which I have written frequently here. I manage the associated risks through careful and disciplined use, and I advise others to do the same.
One area that directly affects both me and my clients is the way government agencies are increasingly incorporating AI-related guidelines into IT procurements. Some agencies specifically request systems that integrate AI-based processes to streamline or accelerate workflows. Others embed definitions of AI into state laws and local policies that govern how AI may be used in public services.
None of this should come as a surprise. Government agencies have always been vigilant about controlling how personal and private data are managed. A growing ecosystem of public bodies and advisory organizations now exists to help agencies — and state legislatures — understand how emerging technologies affect data governance and public accountability.
Some may view these new rules and regulations as a hindrance to innovation; others will recognize them as an opportunity.
I fall into the latter camp.
At a minimum, any government IT contractor worth its salt understands the importance of staying current with business-relevant laws and regulations as they evolve. The real challenge is figuring out how to get ahead of these developments when it comes to AI.
If you have a solid understanding of your target market, you are likely already monitoring how procurements are being shaped not only by AI but also by cybersecurity, privacy, and data access requirements — along with the laws, regulations, and standards bodies influencing them.
I wrote about this broader governance challenge in 2024 in “Towards Unified Governance of AI, Data, and Cybersecurity Initiatives,” where I argued that AI governance cannot be separated from data stewardship and cybersecurity controls. The issues now surfacing in procurement language are, in many ways, an extension of that same conversation.
In this environment, it is no longer enough simply to have internal AI practices. You must be prepared to articulate your AI policies clearly — on your website, in promotional materials, and across public channels — and, just as importantly, in a format that can be rapidly adapted for proposals and quotes.
What we’re seeing is the normal process of institutions figuring out how to live with a new technology. Procurement language shifts. Definitions evolve. Policies adjust — sometimes awkwardly. That’s simply how these cycles unfold.
For those of us who work in and around public-sector technology, the question isn’t whether these rules will appear, but how thoughtfully we respond to them. Paying attention early, and preparing accordingly, is far more productive than reacting later.
Copyright © 2026 by Dennis D. McDonald
