all labs
Module 04 · Risk Assessment & Data Governance

Building Your First AI Risk & Data Governance Registry

You are a Project Manager at 'HealthLink,' a telehealth provider. Your team is launching an AI 'Symptom Checker.' To prevent legal and operational disasters, you must audit your data quality, fill out an AI Risk Register, and prioritize which risks to fix before launch.

60 minBeginner 3 outcomes 7 steps · 3 checkpoints
lab progress0/10 · 0%

Step-by-step

Check my work

Not sure if you're doing it right? Paste what you've written or done so far and get instant feedback scored against this lab's rubric.

Dataset

healthlink_ai_audit.csv

8 identified risks for the HealthLink Symptom Checker, including failure mode category, data lineage, ownership, and consent verification.

Rows with 'No' in consent_verified are immediate Legal failure modes. R004 (Data Hoarding) requires Data Minimization.

risk_id(string)description(string)category(string)data_lineage(string)consent_verified(string)
R001Historical gender bias in training symptomsFairnessPublic dataset 2014No
R002AI gives incorrect triage during off-hoursOperationalInternal logsYes
R003PII leak via prompt injection in chat UISecurityUser sessionYes
R004Data hoarding of full medical historyLegalEHR exportNo
R005Model drift after seasonal flu surgeOperationalInternal logsYes
R006Vendor API stores queries on EU residentsRegulatoryThird-party APINo
R007Lack of audit log for clinician overridesOperationalInternal logsYes
R008Race proxy via ZIP code in symptom weightingFairnessPublic dataset 2014No