Isaca ISACA Advanced in AI Audit (AAIA) AAIA Question # 4 Topic 1 Discussion
AAIA Exam Topic 1 Question 4 Discussion:
Question #: 4
Topic #: 1
A healthcare organization uses data clustering to group patients by medical history for personalized treatment recommendations. Which of the following is the GREATEST privacy risk associated with this practice?
A.
The clustering requires more data, increasing the risk of a privacy breach.
B.
Clustering increases the complexity of the model, making data harder to anonymize.
C.
Irrelevant features in the data may result in inaccurate or biased treatments.
D.
Clusters can reveal sensitive personal information depending on how the information is presented.
Clustering, especially in sensitive domains like healthcare, can inadvertently expose confidential patient data if the resulting groups are too specific or reveal underlying health conditions. The AAIA™ Study Guide warns that clustering can increase privacy risks when small, homogenous groups are formed that effectively re-identify individuals or reveal sensitive traits.
“Clustering results must be carefully reviewed to prevent indirect re-identification or unintended exposure of sensitive traits. Ethical handling of aggregated patient data is essential to protect individual privacy.”
While A and B involve general concerns, and C focuses on performance, D directly addresses the most significant privacy threat: exposure through cluster outputs.
[Reference: ISACA Advanced in AI Audit™ (AAIA™) Study Guide, Section: “Ethical and Legal Considerations in AI,” Subsection: “Data Anonymization and Re-identification Risks”, ]
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit