The recently published 𝗛𝗛𝟰𝗔𝗜 𝗺𝗲𝘁𝗵𝗼𝗱𝗼𝗹𝗼𝗴𝘆, developed by Deloitte and the University of Milan, offers a structured framework for conducting Human Rights Impact Assessments (HRIA) for AI systems. It aligns with the requirements of the EU AI Act, particularly for high-risk applications.

The HH4AI model consists of five iterative phases that guide organizations through a transparent, well-documented assessment process:

𝟭. 𝗣𝗿𝗲𝗽𝗮𝗿𝗮𝘁𝗶𝗼𝗻 – Define the scope, identify stakeholders, and select applicable fundamental rights from the EU Charter.
𝟮. 𝗜𝗱𝗲𝗻𝘁𝗶𝗳𝗶𝗰𝗮𝘁𝗶𝗼𝗻 – Map potential impacts through stakeholder consultation, technical analysis, and rights-mapping across AI components.
𝟯. 𝗘𝘃𝗮𝗹𝘂𝗮𝘁𝗶𝗼𝗻 – Score each risk based on severity, likelihood, and reversibility, resulting in a prioritized risk register.
𝟰. 𝗠𝗶𝘁𝗶𝗴𝗮𝘁𝗶𝗼𝗻 – Design appropriate measures (technical, procedural, governance) and test their effectiveness.
𝟱. 𝗠𝗼𝗻𝗶𝘁𝗼𝗿𝗶𝗻𝗴 – Set up metrics, triggers, and review cycles to ensure ongoing oversight and improvement.

The HH4AI framework makes a meaningful contribution to responsible AI governance by offering a structured approach to assessing the impact of AI systems on fundamental rights. It effectively bridges the gap between legal obligations and practical implementation.

By combining procedural guidance with substantive assessment criteria, the framework enables organizations to navigate complex regulatory requirements while actively safeguarding fundamental rights. More than a compliance tool, it serves as a mechanism for strengthening the design, accountability, and ethical integrity of AI systems.

At 𝗧𝗵𝗲 𝗗𝗮𝘁𝗮 𝗖𝗼𝗺𝗽𝗹𝗶𝗮𝗻𝗰𝗲 𝗕𝘂𝗶𝗹𝗱𝗲𝗿𝘀, we support organizations in implementing this methodology - from targeted scans to full HRIAs, including board- and regulator-ready reporting.

📩 Fill in our contact form for an introduction or advisory session.

📚 Source:
Ceravolo, P. et al. (2025). HH4AI: A Methodological Framework for AI Human Rights Impact Assessment under the EU AI Act. Deloitte & Università degli Studi di Milano.
arXiv:2503.18994v1

hashtag#AICompliance hashtag#EUAIAct hashtag#HRIA hashtag#Governance hashtag#RiskAssessment hashtag#TrustworthyAI hashtag#TheDataComplianceBuilders