FRIA: Fundamental Rights Impact Assessment
The FRIA required by EU AI Act Art. 27, versioned and linked to the AI system — not a Word document sitting in a folder.
Framework / standard: EU AI Act Art. 27 · ISO/IEC 42005
The Fundamental Rights Impact Assessment (FRIA) is an obligation under Article 27 of the EU AI Act, applicable to deployers of high-risk AI systems in the European Union from 2 February 2026. It is not a recommendation or a voluntary internal exercise: it is a legal requirement whose non-compliance is an audit finding.
In Linedat, the FRIA does not live as a loose document: it is a structured, versioned dossier mandatorily linked to the inventoried AI system. It captures the affected groups, the rights at stake with their probability and severity, the mitigation measures, human oversight and the redress mechanism.
What Article 27 requires and how Linedat covers it
Art. 27 requires the deployer of a high-risk system to assess the impact on fundamental rights before putting it into service. Linedat structures that assessment into sections — intended purpose, deployment context, affected groups (including vulnerable populations), rights impacts with likelihood × severity, mitigations, human oversight, redress mechanism and conclusion — and links it by mandatory foreign key to the AI system. There are no orphan FRIAs: they always hang from an inventoried system with its AI Act risk class.
Separation of duties and automatic finding
The FRIA is approved with separation of duties (four eyes): the person who drafts it cannot approve it, and approval is blocked until mitigation measures and the redress mechanism are completed. Additionally, a high-risk AI system in production without an approved FRIA generates an automatic finding that the system flags for you — before the regulator does. Each version is frozen with its author and date, so you can reconstruct which FRIA was in force at any point in the past.
The limits (what we do not claim)
The FRIA does not auto-fill with generated text: the responsible person writes it; Linedat detects when it is missing and blocks approval if required sections are incomplete. State transitions (for example, marking a FRIA as "needs review" when it expires) are evaluated at read time, not via a scheduled alert.
How Linedat helps
Linedat turns the Art. 27 obligation into a workflow: a versioned dossier, four-eyes approval and automatic detection of missing FRIAs. When the regulator requests it, you deliver a sealed dossier with approver, date and version — not a screenshot or an improvised Word document.
Related capabilities
The AI Act audits systems, not API calls. Every AI system inventoried with its risk class.
AI Incidents with the 15-Day ClockA serious incident starts the Art. 73 clock. We start it running and block closure until notification is on record.
Versioned Model Cards and Dataset CardsTransparency is not an attached PDF: it is a versioned card with status.
