| Exam Code/Number: | AIGPJoin the discussion |
| Exam Name: | IAPP Certified Artificial Intelligence Governance Professional |
| Certification: | IAPP |
| Question Number: | 196 |
| Publish Date: | Jul 17, 2026 |
|
Rating
100%
|
|
Which of the following may bepermissible usesof an AI system under the EU AI ActEXCEPT?
CASE STUDY
Please use the following to answer the next question:
A mid-size US healthcare network has decided to develop an AI solution to detect a type of cancer that is most likely to arise in adults. Specifically, the healthcare network intends to create a recognition algorithm that will perform an initial review of all imaging and then route records to a radiologist for secondary review pursuant to agreed-upon criteria such as a confidence score below a threshold.
To date, the healthcare network has:
Defined its AI ethical principles
Conducted discovery to identify the intended uses and success criteria for the system Established an AI risk committee Assembled a cross-functional team with clear roles and responsibilities Created policies and procedures to document standards, workflows, timelines and risk thresholds during the project The healthcare network intends to retain a cloud provider to host the solution. It also intends to retain a large consulting firm to supplement its small data science team and help develop the algorithm using the healthcare network ' s existing data and de-identified data that is licensed from a large US clinical research partner.
Which of the following steps can best mitigate the possibility of discrimination prior to training and testing the AI solution?
A company is creating a mobile app to enable individuals to upload images and videos, and analyze this data using ML to provide lifestyle improvement recommendations. The signup form has the following data fields:
1.First name
2.Last name
3.Mobile number
4.Email ID
5.New password
6.Date of birth
7.Gender
In addition, the app obtains a device ' s IP address and location information while in use.
What GDPR privacy principles does this violate?
Which of the following use cases would be best served by a non-AI solution?
Which of the following disclosures is NOT required for an EU organization that developed and deployed a high-risk Al system?