TAKE THE QUIZ

CA’s AI Roundup

By VICKY BROWN

You’re running lean, you’re moving fast, and let’s be honest – you’re doing a hundred things at once. So when a software tool promises to streamline your hiring process? That’s not just helpful. It’s a lifeline.

Maybe it helps you scan resumes. Maybe it scores candidates. Maybe it flags the “top five” so you don’t have to sort through a stack of 200. Sounds great, right?

But here’s what most small business owners don’t realize: that helpful little tool just became a compliance risk.

Starting October 1, 2025, California’s new regulations around AI in the workplace officially take effect – and no, this isn’t just for tech companies or teams with 300 people. If you’re a business owner in California, and you’re using any tool that helps you hire, evaluate, promote, or determine pay – you are now in the hot seat.

Let’s talk about what that means. And more importantly, what smart leadership looks like in this next chapter of compliance.

You Probably Already Use AI – Even If You Don’t Know It

Here’s where a lot of entrepreneurs get tripped up: they assume AI means something futuristic. Something expensive. Something obvious.

But in the eyes of the law, AI includes any automated decision system – even a simple rules-based filter – that helps shape an employment decision.

So if you’re using an applicant tracking system that automatically screens resumes based on keywords… or a tool that scores candidates behind the scenes… or software that hides applicants who don’t meet preset criteria… you’re in AI territory now.

And according to California’s updated Fair Employment and Housing Act, those tools are regulated.

You don’t need to have built the tool yourself. You don’t even need to fully understand how it works (though you absolutely should – more on that in a second). If that software played a role in your decision – even if a human made the final call – you’re responsible.

The Real Risk Isn’t the Tool – It’s the Blind Spot

Let me be clear: this isn’t an anti-tech conversation. I love a good time-saving tool as much as anyone. AI can make you faster. More consistent. More efficient. But only when you actually understand what the tool is doing.

And unfortunately, most small business owners don’t. We trust the platform. We assume the vendor knows what they’re doing. We figure if it’s built into the software, it must be compliant. Right?

Wrong.

What California is saying – in no uncertain terms – is that if AI plays a role in your decision-making process, you’re on the hook. Even if the tool was created by someone else. Even if it’s embedded in something you didn’t customize. Even if you didn’t realize it was working behind the scenes.

If it influences your decision, you own the outcome.

That’s why this moment matters. Because the real risk isn’t just in the technology. It’s in the assumptions. The lack of visibility. The false sense of security that someone else has it handled.

Bias Testing Isn’t Technically Required… But It’s Definitely Expected

Now here’s where the legal nuance gets tricky – and dangerous.

The regulations don’t say you must test your tools for bias. But they do say that courts and agencies can consider whether you did. And if you didn’t, that absence of effort becomes evidence.

Let’s break that down.

If someone files a discrimination claim – maybe a qualified candidate feels they were unfairly screened out – and you can’t demonstrate that you tested your tool for bias, that gap may work against you. Even if you didn’t mean for it to happen. Even if you had no idea the system was flawed.

On the other hand, if you did conduct bias testing… and if you made changes based on what you found… that can support your defense. It shows you were paying attention. That you took reasonable steps. That you were trying to do it right.

So while the law doesn’t mandate testing, it raises the bar. Because now, not testing looks negligent.

And yes – that applies even if the tool came from your vendor. Which brings us to the next point.

Vendors Are Now Risk Partners. And You Need to Treat Them That Way.

This is one of the biggest mindset shifts in the new rules.

Under the revised definition of “agent,” vendors who use AI on your behalf – even indirectly – can make you jointly liable. If their tool discriminates and you used it? That’s now your legal problem too.

So the old way of thinking – “We didn’t build it, we just bought it” – doesn’t hold up anymore. You can’t afford to blindly trust your platforms. You need real answers. Real documentation. Real accountability.

You need to ask:

  • What kind of testing have you done on this system?
  • How frequently is it updated or audited?
  • What data does it use to make decisions?
  • Can we see the results?

And if the vendor dodges those questions, or worse – can’t answer them – that’s not just a red flag. That’s a compliance emergency.

… what most small business owners don’t realize: that helpful little tool just became a compliance risk.

The Paper Trail Just Got a Lot Heavier

California’s new rules also come with a four-year recordkeeping requirement.

That means you need to preserve everything associated with your automated hiring tools – the inputs, the results, the training datasets, the outputs. Every breadcrumb that shows how the decision was made.

If your system screened out a candidate, you need to be able to show why. And again – using a third-party system doesn’t let you off the hook. If you used it, you’re responsible.

That means better documentation, stronger internal processes, and clearer contracts with your vendors. Because if a claim lands on your desk and you can’t produce the data? You’re exposed.

There’s Another Layer: Consumer Privacy

As if that weren’t enough, there’s a parallel set of rules coming from the California Privacy Protection Agency.

Under the California Consumer Privacy Act (CCPA), if your system makes significant employment decisions – hiring, promotions, pay, contractor selection – you may be required to:

  • Notify candidates or employees that AI is in use
  • Allow them to opt out
  • Conduct a formal risk assessment
  • Respond to data access or deletion requests

This is where it goes beyond compliance. This is about transparency and trust. Because when people feel like they’ve been screened out by a black box, that erodes culture, morale, and reputation.

Small business owners don’t always have the resources of a legal team or an IT department – but you do have the power to lead with intention.

Whether you’re an entrepreneur jumping into a leadership role, a seasoned business pro with new HR responsibilities, or just starting your HR career – we’ve got the right path to guide you through your HR hurdles.

Check out the Leaders Journey Experience.  This online education platform holds the LJE Masterclass, HR SimpleStart Academy and HR FuturePro Academy.

Not sure where to start – take the quiz!

TELL ME MORE!

So Where Do You Start?

Here’s the simple framework I want you to use – not just as a compliance move, but as a leadership move.

  1. Map your tools. Make a list of every platform or software you’re using that touches hiring, pay, promotions, or evaluations.
  2. Talk to your vendors. Don’t assume they’re compliant. Ask about bias testing, data handling, and recordkeeping. Get it in writing.
  3. Document your process. Who makes the final decision? Where does automation kick in? Are you saving the right records?
  4. Audit for gaps. If something feels fuzzy – investigate it. Don’t wait for a problem to find you.

And most importantly, stay curious. The laws are changing fast. You don’t need to panic, but you do need to pay attention.

AI Doesn’t Replace Leadership. It Tests It.

This isn’t about being afraid of technology. It’s about being responsible with it.

The best leaders won’t run from AI. They’ll use it wisely. They’ll stay ahead of the regulations. They’ll ask better questions. They’ll protect their people.

That’s what this moment calls for.

And if you’re wondering where to start, I’ve got you. I created a free California AI Compliance Checklist that walks you through the exact steps to take. It’s practical, it’s clear, and it’ll help you make confident decisions – not just compliant ones.

Because in this new landscape, thoughtful leadership isn’t optional.

It’s everything.

Spread the word

This website uses cookies to ensure you get the best experience on our site.

got it