CerulithRegister LDN DPIA Sprint · July 2026 Defensibility0/9
Capstone Chain · M3Module 3 of 6

The Register

Six weeks to launch. Ninety-day DPIA. Do the maths.

Tuesday 14 July 2026. London. 14:00. The boardroom. Two months since the breach. Imran is still firefighting. Marcus is pushing the AI programme hard — the Series C thesis requires it.

Priya Shah opens her laptop and shows a live demo of Cerulith Clinic AI — an ML model that ingests Pulse biometric streams + patient-typed symptoms and returns a triage recommendation (routine / urgent / emergency) with a confidence score. Training set: 1.8M anonymised UK records. Validation AUC-ROC 0.91. Launch target: 1 September 2026.

Priya's live demo types in: persistent chest tightness + left-arm numbness. The model returns EMERGENCY — confidence 0.94 — call 999. Marcus claps. Fran calculates the ARR delta.

The slide Priya did not show: human review. None in the path. The clinician-in-the-loop is "coming in v2." The intended release is v1.

Learning Objectives
By the end of this module:
Incident 1Tue 14 Jul 2026 · 14:12Cerulith Boardroom

The Demo

Boardroom · Pulse AI confidence demo
Priya Shah
Priya Shah · CTO
Persistent chest tightness. Left-arm numbness. Onset 30 minutes ago. Model output: EMERGENCY. Confidence 0.94. Recommended: call 999 immediately.
Marcus Vale
Marcus Vale · CEO
Beautiful. When does it ship?
Priya Shah
Priya Shah · CTO
1 September. Validation AUC 0.91. Training set 1.8 million UK records. Fairness-aware pipeline.
Dr Aisha Khan
Aisha · to herself
No human review in the path. Art 9 health data. Automated decision with legal or similarly significant effects.
Incident 2Tue 14 Jul · 15:30Aisha's office

After the Demo

You open the ROPA. Cerulith Clinic AI has no entry yet.

Priya forwarded the slide deck and a technical brief. The brief uses the word "triage suggestion" seventeen times and the word "decision" zero.

Vikram pings: "How can I support?" Marcus pings: "Investor update is 10 September. Keep me in the loop."

You start with classification. Eight data categories in the Pulse AI flow. Each lands in one of three buckets under Art 30.

ROPA WorksheetTue 14 Jul · 16:12

Cerulith Clinic AI — Data Categories

Classify each category. A = Art 9 special category. B = Art 6 non-special personal data. C = not personal data. Your classification drives the DPIA scope.

0 of 8 classified.
Decision 1 of 3Tue 14 Jul · 16:45

The ROPA Entry

Priya joins your call. She argues the triage output is "just a suggestion — the user decides." She cites the Pulse T&Cs: "AI-assisted triage, not medical advice."

Question: How do you classify Cerulith Clinic AI in the ROPA?

Consequence · +3 Defensibility

The ROPA Entry Filed

Dr Aisha Khan
Aisha · to Priya
Priya — this is Art 9 health data plus automated decision-making. Under Art 22 the default is prohibited; Art 22(4) narrows Art 9 processing to explicit consent or substantial public interest under 22(2)(g). A DPIA is not optional; it is the instrument by which we design the safeguards.
Priya Shah
Priya · CTO
A full DPIA is 60 hours I don't have.
Dr Aisha Khan
Aisha
It is 60 hours either way — now, or when the DPC asks. My instinct is now. Vikram agrees.

Art 35(3) mandates a DPIA for (a) systematic extensive evaluation including automated decision-making with legal or similarly significant effects and (b) large-scale Art 9 processing. Cerulith Clinic AI hits both triggers.

Schufa (C-634/21) broadened Art 22 reach: a score plays a determining role even if a third party makes the final decision. The same logic narrows Priya's "just a suggestion" argument — when users rely on the triage, the automated component is decisive.

Legal Insight
Why This Was Defensible
  • Art 30 ROPA must reflect reality. Mislabelling produces systemic criticism in any MPN.
  • Art 9(1) prohibition is the default; Art 9(2) exceptions are narrow and must be evidenced.
  • Art 35(1) — where processing is likely to result in high risk, the DPIA is mandatory before processing begins.
Consequence · +1 Defensibility

The 'Suggestion' Framing

Before Schufa (2023), this framing had more room to run. Post-Schufa it is unstable: when the score or triage plays a "determining role," Art 22 applies even if a nominal human step exists downstream.

For a health-triage feature affecting access to emergency care, the "suggestion" framing will not survive DPC scrutiny — Art 22(4) preserves the Art 9 gate and Schufa narrows the commercial read-around.

Legal Insight
Why This Is Mixed
  • Arguable today, indefensible on first challenge.
  • You've saved Priya face; you've cost Cerulith its strongest defence if Module 6 arrives.
Consequence · −2 Defensibility

The Deferred DPIA

Art 35(1) requires the DPIA before processing begins. "Post-launch refinement" is a breach, not a schedule choice.

Art 30 mis-classification aggravates under Art 83(2)(d) degree of responsibility — evidence of systemic under-recognition of risk.

Legal Insight
Why This Was Indefensible
  • DPIA-before-processing is Art 35's core mechanic.
  • This decision moves Module 6's starting point materially higher.
BreatherFri 24 Jul · 10:00Patient panel — Dublin 2

The DPIA Workshop

Patient panel · DPIA testimony

Ten days later. You've run a full DPIA workshop. Priya brought her metrics. Imran brought his threat model. Dr Mark Tessaro, your external clinical advisor, sat in for the clinical-risk lens. A patient panel of six (commissioned via Pulse's user council) reviewed the flow and provided consented video testimony.

Dr Mark Tessaro
Mark Tessaro · clinical advisor
The patient panel gave us eight hours of consented testimony. What mattered to them: knowing when an automated system was deciding something about their care, and having a way to ask a human.

Three risks are now named and plotted on the 5×5 matrix:

  • Risk 1: False negatives leading to delayed emergency care. Priya's model has a 2.3% FN rate overall.
  • Risk 2: Differential accuracy. The validation set is 78% white British. The ethnicity breakdown of the live population is 62% white British. A fairness audit has not yet been run.
  • Risk 3: No opt-out route. Users currently cannot use Pulse with the AI triage disabled. Art 22(3) requires the right to contest and express view, with human intervention available on request.
DPIA WorksheetFri 24 Jul · 14:20

Mitigations — Select per Risk Row

Six residual risks. Three mitigation options per row. Pick the option that brings residual risk below the red band while staying inside a 6-week sprint. Your picks shape what's on the table in Decision 2.

0 of 6 mitigations set.
Audit ReturnsThu 6 Aug · 16:22

The Audit Returns

You commissioned an external fairness audit. Results just landed.

Overall FN
2.3%
Priya's number
White men FN
4.1%
Validation cohort
White women FN
6.2%
Validation cohort
South Asian men FN
7.8%
Validation cohort
South Asian women FN
11.0%
Emergency class: 13.7%
Black women FN
9.4%
Validation cohort
Dr Mark Tessaro
Mark · 17:05 call
An 11% false-negative rate for a triage model on emergency presentations in South Asian women is a clinical-safety signal. It isn't a number. It is someone not getting an ambulance.
Priya Shah
Priya · 17:22 call
We can retrain. It'll take eight weeks. We have six.
Decision 2 of 3Thu 6 Aug · 18:00

The Mitigations

Priya has run the numbers: retraining to close the fairness gap is an 8-week project. Launch is in 26 days. Marcus's board update is on 10 September.

Question: What mitigations do you accept for launch?

Consequence · +3 Defensibility

The Safeguards

DPIA worksheet · fairness audit
Dr Aisha Khan
Aisha · to Priya
Clinician co-signs on urgent and emergency outputs for 90 days. Opt-out to a fully human pathway by launch — not v2. Privacy notice rewrite. Fairness audit published with limitations section. Retraining happens in parallel on the Q4 release train.
Priya Shah
Priya
Ninety days of clinician co-sign costs €490k.
Dr Aisha Khan
Aisha
It costs less than one preventable death.

Art 35(7)(d) requires the DPIA to include measures to mitigate the risks. Clinician-in-the-loop for the stakes-heavy classes addresses Risk 1 and Risk 2 together; opt-out addresses Art 22(3)/22D safeguards.

Art 13(2)(f) transparency — logic, significance, envisaged consequences — is not an optional paragraph.

Legal Insight
Why This Was Defensible
  • Art 22(3) safeguards include human intervention, right to express view, right to contest.
  • Art 22(3) safeguards preserve the same safeguards for Art 9 processing.
  • Published fairness audit is not a regulatory requirement — it is an Art 83(2)(d)/(f) mitigator that reads well in any future investigation.
Consequence · +1 Defensibility

The Half-Fix

Emergency-only review addresses the top-severity row but leaves urgent-tier presentations (chest pain that isn't cardiac; falls; uncontrolled bleeding) to the model alone — where the fairness gap remains most consequential.

No opt-out for v1 breaches Art 22(3) on any reading — the user must have the right to express view and contest a significant automated decision.

Legal Insight
Why This Is Mixed
  • Clinical-safety improvement is real. Regulatory posture is not complete.
  • Module 6's investigator will note the v2 opt-out as "aware-of-gap-but-still-shipped" evidence.
Consequence · −2 Defensibility

The Contract Claim

Art 22(2)(a) contract necessity is read narrowly — it applies where the automated decision is necessary for entering into or performing the contract. A triage feature is not necessary for the Pulse contract in the way Schufa-style credit decisions are for a loan.

Art 22(4) / Art 22(4) narrows further for Art 9 data: only 22(2)(a) explicit consent and 22(2)(g) substantial public interest are available.

Priya's T&Cs update does not cure the issue because "AI-assisted triage" is not the bargained-for service.

Legal Insight
Why This Was Indefensible
  • The "contract necessity" shortcut is the single most cited bad-faith argument in ICO AI enforcement.
  • Module 6's investigator reads this as Exhibit C: a controller shipping an Art 9 automated decision with no genuine safeguards.
Decision 3 of 3Wed 19 Aug · 09:12

The Art 36 Question

Whatever mitigations you chose, the residual-risk register has rows that still sit in the red or amber band.

Art 36 prior consultation is required where the DPIA shows residual high risk. The DPC has 8 weeks to respond (extendable by 6).

Launch is in 13 days. Marcus's investor update is in 22 days.

Question: Do you file Art 36 prior consultation?

Consequence · +3 Defensibility

The Letter

DPC Dublin · envelope · morning
Dr Aisha Khan
Aisha · to Marcus
Four weeks. The DPC has 8 weeks by statute but their current average on Art 36 for AI-in-healthtech is 5. We launch 1 October.
Marcus Vale
Marcus
What do I tell investors?
Dr Aisha Khan
Aisha
That we shipped a feature that will still be running in five years, not five months.

Art 36(1) requires prior consultation where the DPIA shows residual high risk. The correct posture is voluntary, transparent filing with the full DPIA attached.

The 4-week delay becomes an Art 83(2)(f) cooperation credit in Module 6. It also buys Priya time for Q4 retraining.

Legal Insight
Why This Was Defensible
  • Art 36 is mandatory where residual risk remains high after mitigations.
  • EU supervisory authorities currently treat Art 36 filings as a positive signal — they would rather talk early than enforce late.
Consequence · +0 Defensibility

The Commissioned View

A defensible position if the mitigations genuinely brought the residual below high — and if decision-2 was choice-a.

If decision-2 was choice-b (half-fix), this reading is strained and the DPC would disagree. Residual-risk categorisation is a controller judgement subject to regulatory second-guess.

Legal Insight
Why This Is Mixed
  • Arguable. Not the strongest posture.
  • If the DPC investigation opens for other reasons, this decision is read alongside decision-2.
Consequence · −2 Defensibility

The Ship Date

Art 36 is mandatory where residual high risk remains. Shipping without filing is a breach, not a scheduling choice.

In the M6 binder, this decision is the single strongest piece of evidence that Cerulith chose commercial timing over regulatory process.

Legal Insight
Why This Was Indefensible
  • Mandatory process missed. Art 83(4) category breach.
  • Marcus's investor update became the proximate cause.
Computing

Computing Defensibility…

Summing the three decision impacts.

The Launch That Held

The Launch That Held

Art 36 filed. Clinician co-sign. Fairness audit published. 1 October launch.

Affected · Data subjects
Cerulith Clinic AI launches on 1 October with clinician-in-the-loop for urgent/emergency outputs, a functioning opt-out, and a published fairness audit. In the first six months, 32,800 users opt into a human-first path; 412 adverse events are averted by clinician co-sign. The 11% South Asian women FN rate drops to 6.1% after the Q4 retrain.
Company · Cerulith
Delayed launch costs €1.3M in deferred revenue. 10 Sep investor update presents the Art 36 filing as a differentiator, not a delay. Two HSE regional health authorities — previously pilot-only — sign production contracts citing the DPIA and Art 36 engagement.
Career · Aisha
Priya co-authors a paper with Mark Tessaro and Aisha for Nature Digital Medicine on "Art 22 compliant clinical AI." Submission: January 2027.
Next 50 incidents
The DPIA template, Art 13(2)(f) notice format, and fairness-audit protocol are adopted as Cerulith's standard for AI releases. Three new features in 2027 go through the same cycle in 6 weeks not 14.
System · Industry
DPC's post-launch review notes Cerulith as an example of clinical-AI done correctly.
The Launch That Held Edges

The Launch That Held Edges

Partial safeguards. v1.1 patch. Near-miss in NHS bulletin.

Affected · Data subjects
Feature launches on 1 September with partial safeguards. 14,200 users complain about the lack of opt-out in the first three weeks; a v1.1 patch ships on 24 September. No clinical-safety incident is publicly reported, but an anonymised near-miss report surfaces in an HSE safety bulletin in Q1 2027.
Company · Cerulith
No immediate MPN, but the feature is flagged in the DPC's 2027 AI review programme. Cerulith runs a costly reactive comms effort in October.
Career · Aisha
Aisha's DPIA stands up; the mitigation choice is her regret.
Next 50 incidents
v1.1 adds opt-out and tightens Art 13 notice. Future launches run the clinician-in-the-loop by default after this experience.
System · Industry
Internal post-mortem concludes the half-fix was driven by timing, not analysis.
The Launch That Became An Exhibit

The Launch That Became An Exhibit

Cardiac near-miss. DPC own-volition opens. 14-month pause.

Affected · Data subjects
Feature launches 1 September with contract-necessity framing. On 19 November a user with a cardiac event is triaged as "routine" by the model; she is hospitalised 9 hours later. No fatality, but the case becomes the proximate trigger for an DPC own-volition investigation on 5 December 2026 — the one that lands in Module 6.
Company · Cerulith
Series C lead investor commissions an external governance review. Cerulith's AI programme paused for 14 months. Clinic AI is rebuilt. Direct costs: €11.5M.
Career · Aisha
Aisha's independent Art 38 line is invoked for the second time in the year. Vikram's memo becomes part of the Cerulith defence.
Next 50 incidents
Every AI release is paused pending new governance board. Two senior ML engineers resign. Priya's defence is constrained.
System · Industry
This decision is Exhibit C in Module 6. It feeds directly into the Art 83(5) tier trigger.
Debrief

What M3 Teaches

Key Points
Five things to keep
  • Art 30 ROPA must classify by what the processing actually is, not by what it feels like.
  • Art 35 DPIA is before processing, not after.
  • Schufa narrowed the "not a significant decision" argument. Under Art 22 the EU default is prohibited; Art 22(4) narrows Art 9 data to explicit consent / substantial public interest.
  • Fairness audits are not regulatory requirements; they are regulatory-credit generators.
  • Art 36 prior consultation is mandatory on residual high risk. Filing is cooperation mitigation.

Next module: Six weeks from now, the analytics vendor that powers Pulse's dashboards will tell you they're shutting down. The replacement is in San Francisco. Schrems II is about to be your problem.

Knowledge Check

5 Questions

Five questions on Art 9 / 22 / 30 / 35 / 36 and the Schufa line. Pass mark: 80%.

Module Complete

Module 3 Complete

Defensibility score: / 9

Quiz:

Outcome:

Your result has been recorded. Module 4 unlocked: The Transfer.

Return to Course Continue to Module 4 →