Isaca ISACA Advanced in AI Audit (AAIA) AAIA Question # 77 Topic 8 Discussion
AAIA Exam Topic 8 Question 77 Discussion:
Question #: 77
Topic #: 8
An AI healthcare diagnostic tool requires large volumes of patient data, raising concerns about privacy and data breaches. Which of the following is the MOST effective strategy to mitigate this risk?
A.
Encrypt the data and transmit it through a secure channel.
B.
Limit the tool ' s access to only publicly available datasets.
C.
Collect data from all patients to use for data analysis.
D.
Use synthetic data or anonymized data sets for model training.
The most effective strategy to protect sensitive patient data is to use synthetic data or anonymized datasets for model training. This reduces exposure of personally identifiable information while allowing the model to learn meaningful medical patterns.
AAIA emphasizes privacy-by-design, de-identification, and minimal use of raw personal data in high-risk sectors such as healthcare. Anonymization and synthetic data significantly reduce the risk of re-identification or breach-related harm.
Option A (encryption) protects data in transit but does not eliminate privacy risks. Option B is impractical because healthcare models require clinically relevant datasets, not public data. Option C increases data exposure, aggravating privacy risks.
Thus, using anonymized or synthetic data is the strongest privacy protection aligned with healthcare compliance principles.
[References:, AAIA Domain 5: Data Privacy, AI Ethics, and Compliance., AAIA Domain 2: Data Management Practices for Sensitive AI Use Cases., , ]
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit