Virginia’s Division-Managed AIS Platform Is Now Law

April 26, 2026

What follows is a section by section summary review of what the law requires for divisions heading into the future with AI.

Virginia’s Artificial Intelligence Law § 22.1-20.2:1


What The Law Requires

  1. The Board of Education, in consultation with VDOE’s Office of Educational Technology and Classroom Innovation, VITA, and other stakeholders, must publish guidance for the safe, ethical, and equitable use of artificial intelligence systems in instructional settings.
  2. Every Virginia school board must establish, implement, and enforce policies consistent with that state guidance and its prohibitions.
  3. The law creates a clear preference for division-managed AIS platforms operated within division-managed environments. That is the operational center of the law.

Key Definitions

The law defines an artificial intelligence system, or AIS, as a machine learning-based system that generates outputs such as content, decisions, predictions, or recommendations that can influence physical or virtual environments.

A Division-Managed AIS platform is an AIS technology solution deployed within a division-managed environment that meets three conditions:

  1. It aligns with Virginia’s Standards of Learning and high-quality instructional materials.
  2. It gives administrators visibility into platform usage.
  3. It prohibits the use of school or student data for model training outside the school division’s control.

A Division-Managed environment means the AIS is administered by the school division through role-based access controls, administrative oversight, audit logging, and configurable moderation consistent with school board policy.

Note: The law includes a prototyping exception. AI systems used for development, testing, and research before deployment are excluded from the AIS definition in this section. This gives divisions room to evaluate local AI environments before formal deployment, but any use of protected student or division data should still be governed by existing data security and privacy obligations.


What the State Guidance Must Address

The law requires the state guidance document to address six major areas:

  1. Student data privacy and security, including privacy and security in the context of AIS.
  2. Clear protocols for AIS use by teachers and students, including prohibitions on relying solely on AIS for certain high-stakes decisions.
  3. Transparency and defensible use of AIS in instructional settings.
  4. Accessibility of and equitable access to AI resources.
  5. Parent transparency relating to AIS use in instructional settings.
  6. Best practices for guarding against bias and discrimination in the use of AI tools.

What Approved AIS Use Must Include

For any approved AIS use in instructional settings, the law requires several operational safeguards.

Approved use must align with the Standards of Learning and support high-quality instructional materials. Teachers and, upon request, parents must have access to transcripts of student interactions with the AIS. Teachers and administrators must also be able to monitor use through dashboards, automated alerts, and audit logs.

Approved AIS use must comply with applicable federal and state student privacy laws, including FERPA and COPPA, and must meet recognized data security standards.

The law also requires each provider to sign a data privacy agreement with the applicable school division. That agreement must prohibit the use of division-level or student data for training or improving any external AIS models.

Approved AIS use must also support secure, standards-compliant single sign-on and interoperability with commonly used learning management systems or student information systems. It must include embedded professional development resources to strengthen educator literacy in the ethical and effective use of AIS.


What the Law Prohibits

The law prohibits any school board, agent, or employee from requiring a student to interact with an artificial intelligence chatbot in order to receive instruction or complete any lesson or assignment.


What This Means for Divisions

The law does not simply tell divisions to “use AI carefully.” It points toward a specific operational model: AI use that is visible, governed, auditable, privacy-aware, and controlled by the school division.

That is why division-managed platforms and division-managed environments matter. They create the conditions for operational trust, institutional control, data sovereignty, and data residency.

The law leaves room for future VDOE guidance, but the direction is already clear. Divisions will need to understand what AI tools are currently in use, what data those tools can access, what vendor agreements are in place, what staff and students are permitted to do, and whether the division can monitor, govern, and explain AI use inside its own instructional environment.


The Bottom Line

Virginia’s 131 school divisions now operate under an enacted law with a hard effective date. The question is no longer whether to act. It is where to start. Divisions that have already begun the foundational work will be ready when VDOE guidance drops. Divisions that wait will spend the summer and fall catching up.


This analysis is provided for informational purposes only by Strategic AI Link (SAIL), an independent AI compliance consultancy based in Virginia Beach, Virginia. It does not constitute legal advice. School divisions should consult legal counsel for division-specific compliance decisions.  ·  This is a living document. Content reflects current understanding and is subject to update as the field evolves.  ·  Strategic AI Education LLC  ·  June 2026

Sources

  1. Virginia HB1186 (2026), § 22.1-20.2:1
  2. Family Educational Rights and Privacy Act (FERPA), 20 U.S.C. § 1232g
  3. Children’s Online Privacy Protection Act (COPPA), 15 U.S.C. § 6501 et seq.