DPIA summary
Compass processes special-category-adjacent data (health context, financial vulnerability) for vulnerable adults. We have completed a Data Protection Impact Assessment covering the following risks and mitigations:
Risks identified
- Re-identification of pseudonymised analytics → mitigated by k-anonymity ≥ 5 on postcode aggregates and prohibition on free-text in analytics events.
- Volunteer over-access → mitigated by RBAC, per-case explicit consent, scoped read-only views, and full audit trail.
- AI hallucination on safety advice → mitigated by RAG-grounded responses, canonical scam-recovery script fallback, and human-in-the-loop for any escalation.
- Data exfiltration → mitigated by mTLS between services, no token in browser storage, strict CSP, and signed audit log.
- Right to erasure across backups → mitigated by tombstone-on-delete + scheduled backup rewrite within 30 days.
Lawful basis
Consent (Art. 6(1)(a)) for direct support; legitimate interests (Art. 6(1)(f)) for safeguarding analytics with documented balancing test; vital interests (Art. 6(1)(d)) for crisis intervention.
Full DPIA available to commissioning councils on request: dpo@compass-ai.co.uk.