Paratus Health — agentic threat model
Paratus Health presents a high-risk profile due to its direct integration with EHR systems and handling of Protected Health Information (PHI) via autonomous voice agents. The primary risks stem from potential unauthorized EHR modifications, HIPAA compliance breaches, and voice-based prompt injection manipulating clinical summaries.
OWASP AIVSS score rationale
| Agentic risk factor | Score |
| --- | --- |
| Autonomy of Action | 0.80 |
| Goal-Driven Planning | 0.70 |
| Self-Modification | 0.10 |
| Dynamic Tool Use | 0.80 |
| Persistent Memory | 0.70 |
| Contextual Awareness | 0.80 |
| Dynamic Identity | 0.30 |
| Multi-Agent Interactions | 0.20 |
| Non-Determinism | 0.60 |
| Opacity & Reflexivity | 0.50 |
Scored with the canonical OWASP AIVSS formula (AIVSS calculator reference); agentic risk factors estimated from the agent’s described capabilities.
MAESTRO 7-layer threat model
Per-layer threats for this agent. Layers tagged “not certain from listing” are general, caveated commentary where the public description didn’t pin that layer.
Layer 1, Foundation Models: Not certain from the listing — likely uses proprietary or fine-tuned LLMs optimized for medical voice and text. Threats include voice-based prompt injection (VUI exploitation) leading to misaligned clinical summaries or incorrect symptom flagging.
Layer 2, Data Operations: Not certain from the listing — likely utilizes RAG for clinic-specific scheduling rules and insurance policies, alongside temporary storage of patient intake data. Threats include data exfiltration of PHI and poisoning of the clinic's knowledge base.
Layer 3, Agent Frameworks: The agent orchestrates multi-step workflows including intake, insurance verification, and EHR writes. Threats include tool misuse, such as unauthorized or erroneous modifications to patient records and scheduling databases via EHR APIs.
Layer 4, Deployment and Infrastructure: Not certain from the listing — requires secure, HIPAA-compliant hosting and telephony infrastructure. Threats include interception of voice streams, exposure of EHR API credentials, and container compromise.
Layer 5, Evaluation and Observability: Not certain from the listing — requires robust guardrails to prevent medical hallucinations and transcription errors. Threats include blind spots in conversational monitoring and a lack of auditability for automated clinical decisions.
Layer 6, Security and Compliance: For an EHR-integrated platform handling patient data, strict HIPAA compliance, data encryption, and access controls are mandatory. Threats include compliance failures, lack of detailed audit logs for AI-driven EHR writes, and unauthorized access to PHI.
Layer 7, Agent Ecosystem: Not certain from the listing — primarily operates as a clinic-to-EHR bridge rather than interacting in a multi-agent ecosystem. Threats are limited to cascading failures if external EHR or telephony APIs experience outages.
MAESTRO — the 7-layer agentic threat-modeling framework (Cloud Security Alliance / Ken Huang).
These scores are auto-generated from public information (the agent's own listing, docs, and repository) using the canonical OWASP AIVSS formula and the MAESTRO framework — an estimate for guidance, not a penetration test, audit, or certification.