HomeLegal DirectoryDHS AI Critical Infra Framework

In effect Limited protection

DHS Framework for AI in Critical Infrastructure (Roles and Responsibilities)

United States · DHS Framework (Nov. 14, 2024)

DHS released a voluntary framework that lays out the responsibilities of cloud providers, AI developers, AI deployers, critical-infrastructure owners, and civil society for the safe and secure use of AI in U.S. critical infrastructure sectors — including grid, water, financial services, and healthcare.

Technical detail

DHS, 'Roles and Responsibilities Framework for Artificial Intelligence in Critical Infrastructure' (Nov. 14, 2024). Targets the 16 critical-infrastructure sectors, organized around five role categories: cloud and compute infrastructure providers, AI developers, critical infrastructure owners and operators, civil society, and the public sector. Implements EO 14110 § 4.3(a)(iv) directives that survived the EO's revocation.

Who is protected: Consumers, workers, and patients dependent on AI-augmented critical-infrastructure operations

Who must comply: Voluntary; targeted to the 16 critical-infrastructure sectors and their AI vendors

Key facts

JurisdictionUnited States
LevelFederal
StatusIn effect
Protection strengthLimited protection
Effective date2024-11-14
Enacted2024-11-14
CitationDHS Framework (Nov. 14, 2024)
Enforced byDepartment of Homeland Security; CISA (sector risk management agency coordination)
Private right of actionNo — agency enforcement only
PenaltiesNo direct penalties; informs sector-specific regulation
Topicsgovernment use of AI · data-center siting and energy · automated decision-making · consumer protection
Last verified2026-06-17
Official sourceDHS Framework for AI in Critical Infrastructure (Nov. 2024) ↗

More AI rules in United States

Related government use of AI rules elsewhere

See something wrong or out of date? Submit a correction — every entry must carry a verifiable official source.