This page is part of the FHIR Specification ~~(v3.0.2:~~ (v4.0.1: R4 - Mixed Normative and STU ~~3).~~ ) in it's permanent home (it will always be available at this URL). The current version which supercedes this version is 5.0.0 . For a full list of available versions, see the Directory of published versions . Page versions: R5 R4B R4 R3 R4 R3 R2

6.3 Resource Provenance - Content

Security

Work Group

Maturity Level : 3

Trial Use

Security Category : Not Classified

Compartments : Device , Patient , Practitioner , RelatedPerson

Provenance of a resource is a record that describes entities and processes involved in producing and delivering or otherwise influencing that resource. Provenance provides a critical foundation for assessing authenticity, enabling trust, and allowing reproducibility. Provenance assertions are a form of contextual metadata and can themselves become important records with their own provenance. Provenance statement indicates clinical significance in terms of confidence in authenticity, reliability, and trustworthiness, integrity, and stage in lifecycle (e.g. Document Completion - has the artifact been legally authenticated), all of which may impact security, privacy, and trust policies.

6.3.1 Scope and Usage

The Provenance resource tracks information about the activity that ~~created~~ created, revised, deleted, or signed a version of a resource, ~~including~~ describing the entities and agents ~~involved in producing a resource.~~ involved. This information can be used to form assessments about its quality, ~~reliability or~~ reliability, trustworthiness, or to provide pointers for where to go to further investigate the origins of the resource and the information in it.

Provenance resources are a record-keeping assertion that gathers information about the context in which the information in a resource was obtained. Provenance resources are prepared by the application that initiates the create/update etc. of the resource. An AuditEvent resource contains overlapping information, but is created as events occur, to track and audit the events. AuditEvent resources are often (though not exclusively) created by the application responding to the read/query/create/update/etc. event.

6.3.2 Boundaries and Relationships

Many other FHIR resources contain some elements that represent information about how the resource was obtained, and therefore they overlap with the functionality of the Provenance resource. These properties in other resources should always be used in preference to the Provenance resource, and the Provenance resource should be used where additional information is required, ~~though overlap can occur.~~ or explicit record or provenance is desired.

The relationship between a resource and its provenance is established by a reference from the provenance resource to its target. In this way, provenance may be provided about any resource or version, including past versions. There may be multiple provenance records for a given resource or version of a resource.

6.3.3 Background and Context

The Provenance resource is based on the W3C Provenance specification , and mappings are provided. The Provenance resource is tailored to fit the FHIR use-cases for provenance more directly. In terms of W3C Provenance the FHIR Provenance ~~resources~~ resource covers ~~"Generation"~~ "Generation" of ~~"Entity"~~ "Entity" with respect to FHIR defined resources for creation or updating; whereas AuditEvent covers ~~"Usage"~~ "Usage" of ~~"Entity"~~ "Entity" and all other ~~"Activity"~~ "Activity" as defined in W3C Provenance.

The W3C Provenance Specification has the following fundamental model:

Key concepts

Where:

~~Target - An entity that is a FHIR resource instance that is created, updated or deleted.~~ Entity - An entity is a physical, digital, conceptual or other kind of thing with some fixed aspects; entities may be real or imaginary.
Agent - An agent is something that bears some form of responsibility for an activity taking place, for the existence of an entity, or for another agent's activity.
Activity - An activity is something that occurs over a time period and acts upon or with entities. It may include consuming, processing, transforming, modifying, relocating, using, or generating entities.

The Provenance resource corresponds to a single activity that identifies a set of resources ( target ) generated by the activity. The activity also references other entities ( entity ) that were used and the agents ( agent ) that were associated with the activity. To record multiple activities that resulted in one ( target ), record each ( activity ) in independent Provenance records all pointing at that ( target ).

The Provenance resource depends upon having References to all the resources, entities, and agents involved in the activity. These References need not be resolvable. The references must provide a unique and ~~ambiguous~~ unambiguous identification. If a resource, entity, or agent can have different versions that must be identified, then the Reference must have versioning information included.

Versioning and unique identification are not mandated for all systems that provide Resources, entities, and agents. But, inclusion of Provenance requirements may introduce requirements for versioning and unique identification on those systems

The Provenance resource is based on leveraging the W3C Provenance specification to represent HL7 support of provenance throughout its standards and explicitly ~~modelled~~ modeled as functional capabilities in ISO/HL7 10781 EHR System Functional Model Release 2 and ISO 21089 Trusted End-to-End Information Flows. Mappings are provided. The Provenance resource is tailored to fit the FHIR use-cases for provenance more directly. In terms of W3C Provenance the FHIR Provenance resources covers ~~"Generation"~~ "Generation" of ~~"Entity"~~ "Entity" with respect to FHIR defined resources for creation or updating; whereas AuditEvent covers ~~"Usage"~~ "Usage" of ~~"Entity"~~ "Entity" and all other ~~"Activity"~~ "Activity" as defined in W3C Provenance.

This resource is referenced by Contract , DeviceRequest , MedicationAdministration , MedicationDispense , MedicationRequest , ~~ProcedureRequest , ReferralRequest~~ ServiceRequest and Task

Structure

0..* ~~What~~ ~~onBehalfOfUri~~ ~~relatedAgentType 0..1 CodeableConcept~~ ~~whatReference~~ ~~whatIdentifier Identifier~~

Name	Flags	Card.	Type	Description & Constraints
Provenance	TU		DomainResource	Who, What, When for a set of resources Elements defined in Ancestors: id , meta , implicitRules , language , text , contained , extension , modifierExtension
target	Σ	1..*	Reference ( Any )	Target Reference(s) (usually version specific)
~~period~~ occurred[x]		0..1	~~Period~~	When the activity occurred
occurredPeriod			Period
occurredDateTime			dateTime
recorded	Σ	1..1	instant	When the activity was recorded / updated
policy		0..*	uri	Policy or plan the activity was defined by
location		0..1	Reference ( Location )	Where the activity occurred, if relevant
reason		0..*	~~Coding~~ CodeableConcept	Reason the activity is occurring ~~PurposeOfUse~~ V3 Value SetPurposeOfUse ( Extensible )
activity		0..1	~~Coding~~ CodeableConcept	Activity that occurred ~~ProvenanceActivityType~~ Provenance activity type ( Extensible )
agent		1..*	BackboneElement	Actor involved
~~role~~ type	Σ	0..1	CodeableConcept	How the ~~agents role was~~ agent participated ~~SecurityRoleType~~ Provenance participant type ( Extensible )
~~who[x]~~ role	Σ	~~1..1~~ 0..*	~~Who participated~~ ~~whoUri~~ CodeableConcept	What the agents role was ~~uri~~ SecurityRoleType ( Example )
who ~~whoReference~~	Σ	1..1	Reference ( Practitioner \| PractitionerRole \| RelatedPerson \| Patient \| Device \| Organization )	Who participated
~~onBehalfOf[x]~~ onBehalfOf	~~0..1~~ ~~Who the agent is representing~~	~~uri onBehalfOfReference~~ 0..1	Reference ( Practitioner \| PractitionerRole \| RelatedPerson \| Patient \| Device \| Organization )	~~Type of relationship between agents v3 Code System RoleLinkType ( Example )~~ Who the agent is representing
entity		0..*	BackboneElement	An entity used in this activity
role	Σ	1..1	code	derivation \| revision \| quotation \| source \| removal ProvenanceEntityRole ( Required )
~~what[x]~~ what	Σ ~~1..1 Identity of entity whatUri uri~~	1..1	Reference ( Any )	Identity of entity
agent		0..*	see agent	Entity is attributed to this agent
signature		0..*	Signature	Signature on target
Documentation for this format

UML Diagram ( Legend )

XML Template

<

<Provenance xmlns="http://hl7.org/fhir"> 

 <!-- from Resource: id, meta, implicitRules, and language -->
 <!-- from DomainResource: text, contained, extension, and modifierExtension -->
 <target><!-- 1..* Reference(Any) Target Reference(s) (usually version specific) --></target>
 <</period>
 <
 <

 <occurred[x]><!-- 0..1 Period|dateTime When the activity occurred --></occurred[x]>
 <recorded value="[instant]"/><!-- 1..1 When the activity was recorded / updated -->
 <policy value="[uri]"/><!-- 0..* Policy or plan the activity was defined by -->

 <location><!-- 0..1 Reference(Location) Where the activity occurred, if relevant --></location>
 <</reason>
 <</activity>

 <reason><!-- 0..* CodeableConcept Reason the activity is occurring --></reason>
 <activity><!-- 0..1 CodeableConcept Activity that occurred --></activity>

 <agent>  <!-- 1..* Actor involved -->
  <type><!-- 0..1 CodeableConcept How the agent participated --></type>

  <role><!-- 0..* CodeableConcept What the agents role was --></role>
  <|
    </who[x]>
  <|
    </onBehalfOf[x]>
  <</relatedAgentType>

  <who><!-- 1..1 Reference(Practitioner|PractitionerRole|RelatedPerson|Patient|
    Device|Organization) Who participated --></who>

  <onBehalfOf><!-- 0..1 Reference(Practitioner|PractitionerRole|RelatedPerson|
    Patient|Device|Organization) Who the agent is representing --></onBehalfOf>
 </agent>
 <entity>  <!-- 0..* An entity used in this activity -->
  <
  <</what[x]>

  <role value="[code]"/><!-- 1..1 derivation | revision | quotation | source | removal -->
  <what><!-- 1..1 Reference(Any) Identity of entity --></what>

  <agent><!-- 0..* Content as for Provenance.agent Entity is attributed to this agent --></agent>
 </entity>
 <signature><!-- 0..* Signature Signature on target --></signature>
</Provenance>

JSON Template

{
  "resourceType" : "",

  "resourceType" : "Provenance",

  // from Resource: id, meta, implicitRules, and language
  // from DomainResource: text, contained, extension, and modifierExtension
  "
  "
  "
  "
  "
  "
  "
  "
    "
    
    ">",
    "|
     },
    
    ">",
    "|
     },
    "

  "target" : [{ Reference(Any) }], // R!  Target Reference(s) (usually version specific)
  // occurred[x]: When the activity occurred. One of these 2:

  "occurredPeriod" : { Period },
  "occurredDateTime" : "<dateTime>",
  "recorded" : "<instant>", // R!  When the activity was recorded / updated
  "policy" : ["<uri>"], // Policy or plan the activity was defined by
  "location" : { Reference(Location) }, // Where the activity occurred, if relevant
  "reason" : [{ CodeableConcept }], // Reason the activity is occurring
  "activity" : { CodeableConcept }, // Activity that occurred
  "agent" : [{ // R!  Actor involved
    "type" : { CodeableConcept }, // How the agent participated
    "role" : [{ CodeableConcept }], // What the agents role was
    "who" : { Reference(Practitioner|PractitionerRole|RelatedPerson|Patient|
    Device|Organization) }, // R!  Who participated

    "onBehalfOf" : { Reference(Practitioner|PractitionerRole|RelatedPerson|
    Patient|Device|Organization) } // Who the agent is representing
  }],
  "
    "
    
    ">",
    " },
    " },
    "

  "entity" : [{ // An entity used in this activity
    "role" : "<code>", // R!  derivation | revision | quotation | source | removal
    "what" : { Reference(Any) }, // R!  Identity of entity
    "agent" : [{ Content as for Provenance.agent }] // Entity is attributed to this agent

  }],
  "

  "signature" : [{ Signature }] // Signature on target

}

Turtle Template

@prefix fhir: <http://hl7.org/fhir/> .


[ a fhir:Provenance;
  fhir:nodeRole fhir:treeRoot; # if this is the parser root

  # from Resource: .id, .meta, .implicitRules, and .language
  # from DomainResource: .text, .contained, .extension, and .modifierExtension
  fhir:Provenance.target [ Reference(Any) ], ... ; # 1..* Target Reference(s) (usually version specific)
  fhir:

  # Provenance.occurred[x] : 0..1 When the activity occurred. One of these 2
    fhir:Provenance.occurredPeriod [ Period ]
    fhir:Provenance.occurredDateTime [ dateTime ]

  fhir:Provenance.recorded [ instant ]; # 1..1 When the activity was recorded / updated
  fhir:Provenance.policy [ uri ], ... ; # 0..* Policy or plan the activity was defined by
  fhir:Provenance.location [ Reference(Location) ]; # 0..1 Where the activity occurred, if relevant
  fhir:
  fhir:

  fhir:Provenance.reason [ CodeableConcept ], ... ; # 0..* Reason the activity is occurring
  fhir:Provenance.activity [ CodeableConcept ]; # 0..1 Activity that occurred

  fhir:Provenance.agent [ # 1..* Actor involved
    fhir:Provenance.agent.type [ CodeableConcept ]; # 0..1 How the agent participated

    fhir:Provenance.agent.role [ CodeableConcept ], ... ; # 0..* What the agents role was
    # . One of these 2
      fhir: ]
      fhir:) ]
    # . One of these 2
      fhir: ]
      fhir:) ]
    fhir:

    fhir:Provenance.agent.who [ Reference(Practitioner|PractitionerRole|RelatedPerson|Patient|Device|Organization) ]; # 1..1 Who participated
    fhir:Provenance.agent.onBehalfOf [ Reference(Practitioner|PractitionerRole|RelatedPerson|Patient|Device|Organization) ]; # 0..1 Who the agent is representing

  ], ...;
  fhir:Provenance.entity [ # 0..* An entity used in this activity
    fhir:Provenance.entity.role [ code ]; # 1..1 derivation | revision | quotation | source | removal
    # . One of these 3
      fhir: ]
      fhir:) ]
      fhir: ]

    fhir:Provenance.entity.what [ Reference(Any) ]; # 1..1 Identity of entity

    fhir:Provenance.entity.agent [ See Provenance.agent ], ... ; # 0..* Entity is attributed to this agent
  ], ...;
  fhir:Provenance.signature [ Signature ], ... ; # 0..* Signature on target
]

Changes since ~~DSTU2~~ R3

~~Provenance.reason~~

Provenance ~~Type changed from CodeableConcept to Coding~~

~~Provenance.activity~~ Provenance.occurred[x]

~~Type changed~~ Renamed from ~~CodeableConcept~~ period to ~~Coding~~ occurred[x]
~~Change value set from http://hl7.org/fhir/ValueSet/v3-ProvenanceEventCurrentState to http://hl7.org/fhir/ValueSet/provenance-activity-type~~ Add Type dateTime

~~Provenance.agent~~ Provenance.reason

~~Min Cardinality~~ Type changed from 0 Coding to 1 CodeableConcept

~~Provenance.agent.role~~ Provenance.activity

Min Cardinality changed from 1 to 0 Max Cardinality changed from 1 to * Type changed from Coding to CodeableConcept

~~Change value set from http://hl7.org/fhir/ValueSet/provenance-agent-role to http://hl7.org/fhir/ValueSet/security-role-type~~

~~Provenance.agent.who[x]~~ Provenance.agent.type

Added Element

~~Provenance.agent.onBehalfOf[x]~~ Provenance.agent.role

~~Added Element~~ Remove Binding http://hl7.org/fhir/ValueSet/security-role-type (extensible)

~~Provenance.agent.relatedAgentType~~ Provenance.agent.who

~~Added Element~~ Renamed from who[x] to who

~~Provenance.entity.what[x]~~

~~Added Element~~ Remove Type uri

~~Provenance.entity.agent~~ Provenance.agent.onBehalfOf

~~Max Cardinality changed~~ Renamed from 1 onBehalfOf[x] to * Provenance.agent.actor deleted onBehalfOf

~~Provenance.agent.userId~~

~~deleted~~ Remove Type uri

~~Provenance.agent.relatedAgent~~ Provenance.entity.role

~~deleted~~ Change value set from http://hl7.org/fhir/ValueSet/provenance-entity-role to http://hl7.org/fhir/ValueSet/provenance-entity-role|4.0.1

~~Provenance.entity.type~~ Provenance.entity.what

~~deleted~~ Renamed from what[x] to what

~~Provenance.entity.reference~~

~~deleted~~ Remove Types uri, Identifier

~~Provenance.entity.display~~ Provenance.agent.relatedAgentType

deleted

See the Full Difference for further information

This analysis is available as XML or JSON .

See ~~R2 <-->~~ R3 <--> R4 Conversion Maps (status = 2 5 tests that all execute ok. ~~1 fail~~ All tests pass round-trip testing and 1 2 r3 resources are invalid (1 (0 errors). ). )

Structure

0..* ~~What~~ ~~relatedAgentType 0..1 CodeableConcept~~ ~~whatReference~~ ~~whatIdentifier Identifier~~

Name	Flags	Card.	Type	Description & Constraints
Provenance	TU		DomainResource	Who, What, When for a set of resources Elements defined in Ancestors: id , meta , implicitRules , language , text , contained , extension , modifierExtension
target	Σ	1..*	Reference ( Any )	Target Reference(s) (usually version specific)
~~period~~ occurred[x]		0..1	~~Period~~	When the activity occurred
occurredPeriod			Period
occurredDateTime			dateTime
recorded	Σ	1..1	instant	When the activity was recorded / updated
policy		0..*	uri	Policy or plan the activity was defined by
location		0..1	Reference ( Location )	Where the activity occurred, if relevant
reason		0..*	~~Coding~~ CodeableConcept	Reason the activity is occurring ~~PurposeOfUse~~ V3 Value SetPurposeOfUse ( Extensible )
activity		0..1	~~Coding~~ CodeableConcept	Activity that occurred ~~ProvenanceActivityType~~ Provenance activity type ( Extensible )
agent		1..*	BackboneElement	Actor involved
~~role~~ type	Σ	0..1	CodeableConcept	How the ~~agents role was~~ agent participated ~~SecurityRoleType~~ Provenance participant type ( Extensible )
~~who[x]~~ role	Σ	~~1..1~~ 0..*	~~Who participated~~ ~~whoUri~~ CodeableConcept	What the agents role was ~~uri~~ SecurityRoleType ( Example )
who ~~whoReference~~	Σ	1..1	Reference ( Practitioner \| PractitionerRole \| RelatedPerson \| Patient \| Device \| Organization )	Who participated
~~onBehalfOf[x]~~ onBehalfOf	~~0..1 Who the agent is representing onBehalfOfUri~~	~~uri onBehalfOfReference~~ 0..1	Reference ( Practitioner \| PractitionerRole \| RelatedPerson \| Patient \| Device \| Organization )	~~Type of relationship between agents v3 Code System RoleLinkType ( Example )~~ Who the agent is representing
entity		0..*	BackboneElement	An entity used in this activity
role	Σ	1..1	code	derivation \| revision \| quotation \| source \| removal ProvenanceEntityRole ( Required )
~~what[x]~~ what	Σ ~~1..1 Identity of entity whatUri uri~~	1..1	Reference ( Any )	Identity of entity
agent		0..*	see agent	Entity is attributed to this agent
signature		0..*	Signature	Signature on target
Documentation for this format

UML Diagram ( Legend )

XML Template

<

<Provenance xmlns="http://hl7.org/fhir"> 

 <!-- from Resource: id, meta, implicitRules, and language -->
 <!-- from DomainResource: text, contained, extension, and modifierExtension -->
 <target><!-- 1..* Reference(Any) Target Reference(s) (usually version specific) --></target>
 <</period>
 <
 <

 <occurred[x]><!-- 0..1 Period|dateTime When the activity occurred --></occurred[x]>
 <recorded value="[instant]"/><!-- 1..1 When the activity was recorded / updated -->
 <policy value="[uri]"/><!-- 0..* Policy or plan the activity was defined by -->

 <location><!-- 0..1 Reference(Location) Where the activity occurred, if relevant --></location>
 <</reason>
 <</activity>

 <reason><!-- 0..* CodeableConcept Reason the activity is occurring --></reason>
 <activity><!-- 0..1 CodeableConcept Activity that occurred --></activity>

 <agent>  <!-- 1..* Actor involved -->
  <type><!-- 0..1 CodeableConcept How the agent participated --></type>

  <role><!-- 0..* CodeableConcept What the agents role was --></role>
  <|
    </who[x]>
  <|
    </onBehalfOf[x]>
  <</relatedAgentType>

  <who><!-- 1..1 Reference(Practitioner|PractitionerRole|RelatedPerson|Patient|
    Device|Organization) Who participated --></who>

  <onBehalfOf><!-- 0..1 Reference(Practitioner|PractitionerRole|RelatedPerson|
    Patient|Device|Organization) Who the agent is representing --></onBehalfOf>
 </agent>
 <entity>  <!-- 0..* An entity used in this activity -->
  <
  <</what[x]>

  <role value="[code]"/><!-- 1..1 derivation | revision | quotation | source | removal -->
  <what><!-- 1..1 Reference(Any) Identity of entity --></what>

  <agent><!-- 0..* Content as for Provenance.agent Entity is attributed to this agent --></agent>
 </entity>
 <signature><!-- 0..* Signature Signature on target --></signature>
</Provenance>

JSON Template

{
  "resourceType" : "",

  "resourceType" : "Provenance",

  // from Resource: id, meta, implicitRules, and language
  // from DomainResource: text, contained, extension, and modifierExtension
  "
  "
  "
  "
  "
  "
  "
  "
    "
    
    ">",
    "|
     },
    
    ">",
    "|
     },
    "

  "target" : [{ Reference(Any) }], // R!  Target Reference(s) (usually version specific)
  // occurred[x]: When the activity occurred. One of these 2:

  "occurredPeriod" : { Period },
  "occurredDateTime" : "<dateTime>",
  "recorded" : "<instant>", // R!  When the activity was recorded / updated
  "policy" : ["<uri>"], // Policy or plan the activity was defined by
  "location" : { Reference(Location) }, // Where the activity occurred, if relevant
  "reason" : [{ CodeableConcept }], // Reason the activity is occurring
  "activity" : { CodeableConcept }, // Activity that occurred
  "agent" : [{ // R!  Actor involved
    "type" : { CodeableConcept }, // How the agent participated
    "role" : [{ CodeableConcept }], // What the agents role was
    "who" : { Reference(Practitioner|PractitionerRole|RelatedPerson|Patient|
    Device|Organization) }, // R!  Who participated

    "onBehalfOf" : { Reference(Practitioner|PractitionerRole|RelatedPerson|
    Patient|Device|Organization) } // Who the agent is representing
  }],
  "
    "
    
    ">",
    " },
    " },
    "

  "entity" : [{ // An entity used in this activity
    "role" : "<code>", // R!  derivation | revision | quotation | source | removal
    "what" : { Reference(Any) }, // R!  Identity of entity
    "agent" : [{ Content as for Provenance.agent }] // Entity is attributed to this agent

  }],
  "

  "signature" : [{ Signature }] // Signature on target

}

Turtle Template

@prefix fhir: <http://hl7.org/fhir/> .


[ a fhir:Provenance;
  fhir:nodeRole fhir:treeRoot; # if this is the parser root

  # from Resource: .id, .meta, .implicitRules, and .language
  # from DomainResource: .text, .contained, .extension, and .modifierExtension
  fhir:Provenance.target [ Reference(Any) ], ... ; # 1..* Target Reference(s) (usually version specific)
  fhir:

  # Provenance.occurred[x] : 0..1 When the activity occurred. One of these 2
    fhir:Provenance.occurredPeriod [ Period ]
    fhir:Provenance.occurredDateTime [ dateTime ]

  fhir:Provenance.recorded [ instant ]; # 1..1 When the activity was recorded / updated
  fhir:Provenance.policy [ uri ], ... ; # 0..* Policy or plan the activity was defined by
  fhir:Provenance.location [ Reference(Location) ]; # 0..1 Where the activity occurred, if relevant
  fhir:
  fhir:

  fhir:Provenance.reason [ CodeableConcept ], ... ; # 0..* Reason the activity is occurring
  fhir:Provenance.activity [ CodeableConcept ]; # 0..1 Activity that occurred

  fhir:Provenance.agent [ # 1..* Actor involved
    fhir:Provenance.agent.type [ CodeableConcept ]; # 0..1 How the agent participated

    fhir:Provenance.agent.role [ CodeableConcept ], ... ; # 0..* What the agents role was
    # . One of these 2
      fhir: ]
      fhir:) ]
    # . One of these 2
      fhir: ]
      fhir:) ]
    fhir:

    fhir:Provenance.agent.who [ Reference(Practitioner|PractitionerRole|RelatedPerson|Patient|Device|Organization) ]; # 1..1 Who participated
    fhir:Provenance.agent.onBehalfOf [ Reference(Practitioner|PractitionerRole|RelatedPerson|Patient|Device|Organization) ]; # 0..1 Who the agent is representing

  ], ...;
  fhir:Provenance.entity [ # 0..* An entity used in this activity
    fhir:Provenance.entity.role [ code ]; # 1..1 derivation | revision | quotation | source | removal
    # . One of these 3
      fhir: ]
      fhir:) ]
      fhir: ]

    fhir:Provenance.entity.what [ Reference(Any) ]; # 1..1 Identity of entity

    fhir:Provenance.entity.agent [ See Provenance.agent ], ... ; # 0..* Entity is attributed to this agent
  ], ...;
  fhir:Provenance.signature [ Signature ], ... ; # 0..* Signature on target
]

Changes since ~~DSTU2~~ Release 3

~~Provenance.reason~~

Provenance ~~Type changed from CodeableConcept to Coding~~

~~Provenance.activity~~ Provenance.occurred[x]

~~Type changed~~ Renamed from ~~CodeableConcept~~ period to ~~Coding~~ occurred[x]
~~Change value set from http://hl7.org/fhir/ValueSet/v3-ProvenanceEventCurrentState to http://hl7.org/fhir/ValueSet/provenance-activity-type~~ Add Type dateTime

~~Provenance.agent~~ Provenance.reason

~~Min Cardinality~~ Type changed from 0 Coding to 1 CodeableConcept

~~Provenance.agent.role~~ Provenance.activity

Min Cardinality changed from 1 to 0 Max Cardinality changed from 1 to * Type changed from Coding to CodeableConcept

~~Change value set from http://hl7.org/fhir/ValueSet/provenance-agent-role to http://hl7.org/fhir/ValueSet/security-role-type~~

~~Provenance.agent.who[x]~~ Provenance.agent.type

Added Element

~~Provenance.agent.onBehalfOf[x]~~ Provenance.agent.role

~~Added Element~~ Remove Binding http://hl7.org/fhir/ValueSet/security-role-type (extensible)

~~Provenance.agent.relatedAgentType~~ Provenance.agent.who

~~Added Element~~ Renamed from who[x] to who

~~Provenance.entity.what[x]~~

~~Added Element~~ Remove Type uri

~~Provenance.entity.agent~~ Provenance.agent.onBehalfOf

~~Max Cardinality changed~~ Renamed from 1 onBehalfOf[x] to * onBehalfOf

~~Provenance.agent.actor~~

~~deleted Provenance.agent.userId deleted~~ Remove Type uri

~~Provenance.agent.relatedAgent~~ Provenance.entity.role

~~deleted~~ Change value set from http://hl7.org/fhir/ValueSet/provenance-entity-role to http://hl7.org/fhir/ValueSet/provenance-entity-role|4.0.1

~~Provenance.entity.type~~ Provenance.entity.what

~~deleted~~ Renamed from what[x] to what

~~Provenance.entity.reference~~

~~deleted~~ Remove Types uri, Identifier

~~Provenance.entity.display~~ Provenance.agent.relatedAgentType

deleted

See the Full Difference for further information

This analysis is available as XML or JSON .

See ~~R2 <-->~~ R3 <--> R4 Conversion Maps (status = 2 5 tests that all execute ok. ~~1 fail~~ All tests pass round-trip testing and 1 2 r3 resources are invalid (1 (0 errors). ). )

~~Alternate~~ See the Profiles & Extensions and the alternate definitions: Master Definition ( XML , + JSON ), , XML Schema / Schematron ~~(for )~~ + JSON Schema , ShEx (for Turtle ) + see the extensions & the dependency analysis

6.3.4.1 Terminology Bindings

~~Provenance.agent.role~~ ~~Provenance.agent.relatedAgentType~~

Path	Definition	Type	Reference
Provenance.reason	The reason the activity took place.	Extensible	~~PurposeOfUse~~ v3.PurposeOfUse
Provenance.activity	The activity that took place.	Extensible	ProvenanceActivityType
Provenance.agent.type	The ~~role~~ type of participation that a provenance agent played with respect to the activity.	Extensible	~~SecurityRoleType~~ ProvenanceParticipantType
Provenance.agent.role	~~Type of relationship between two~~ The role that a provenance ~~agents.~~ agent played with respect to the activity.	Example	~~v3 Code System RoleLinkType~~ SecurityRoleType
Provenance.entity.role	How an entity was used in an activity.	Required	ProvenanceEntityRole

Path

Definition

Type

Reference

Provenance.reason

The reason the activity took place.

Extensible

~~PurposeOfUse~~ v3.PurposeOfUse

Provenance.activity

The activity that took place.

Extensible

ProvenanceActivityType

Provenance.agent.type

The ~~role~~ type of participation that a provenance agent played with respect to the activity.

Extensible

~~SecurityRoleType~~ ProvenanceParticipantType

Provenance.agent.role

~~Type of relationship between two~~ The role that a provenance ~~agents.~~ agent played with respect to the activity.

Example

~~v3 Code System RoleLinkType~~ SecurityRoleType

Provenance.entity.role

How an entity was used in an activity.

Required

ProvenanceEntityRole

6.3.4.2 Using the Provenance Resource

The Provenance resource identifies information about another resource (the reference element). The Provenance resource may be used in several different ways:

As part of a document bundle where it identifies the provenance of part or all of the document
On a RESTful system where it keeps track of provenance information relating to resources

When used in a document bundle, the references are often not explicitly versioned, but they always implicitly pertain to the version of the resource found in the document. On a RESTful system, the target resource reference should be version specific, but this requires special care: For new resources that need to have a corresponding Provenance resource, the version-specific reference is often not knowable until after the target resource has been updated. This can create an integrity problem for the system - what if the Provenance resource cannot be created after the target resource has been updated? To avoid any such integrity problems, the target resource and the Provenance resources should be submitted as a pair using a transaction .

6.3.4.3 6.3.4.2.1 HTTP Header

The custom header X-Provenance to provide a provenance resource when performing PUT or POST operations using the RESTful interface :


POST [base]/Observation
Content-Type: application/fhir+?
X-Provenance: { "resourceType": "Provenance", "location": { "reference": "Location/1" }," agent" ... }

[body]

The intent is that the server picks up the provenance, fills out the target, and then stores the provenance information as it normally would. Notes:

Irrespective of the Content-Type or Accept headers, the Provenance resource is in the JSON format
The provenance SHALL not have a specified Provenance.target. The server will fill the target in as it processes the contents of the POST/PUT and determines the ids of the resource(s) to which the interaction applies
Servers MAY ignore the header, but SHOULD process it if they support provenance
Some server frameworks impose a length limit on individual HTTP headers, or on the the headers as a whole. Servers MAY reject a request if the X-Provenance header is too long
The use of the header is not documented for other HTTP methods (GET etc)

6.3.4.3 Digital Signatures

The Provenance resource includes a signature element (digital signature) which can be used for standards based integrity verification and non-repudiation purposes. The Signature datatype provides details on use of the signature element. The Signature.type coded value of ~~"Source"~~ "Source" should be used when the signature is for simply proving that the resource content is the same as it was when the resource was updated or created.

6.3.4.4 Party References Because the Provenance resource often refers to parties that are not represented as FHIR resources, agent and entity references can be either references to other resources, or they can refer to other entities that are not FHIR resources. For Provenance.agent, the actor element is used to reference an existing resource. To reference an entity that is not a FHIR resource, the userId element is used. A version specific reference to a FHIR resource on the same server: <agent> <actor> <reference value="Patient/34/_history/3"/> </actor> </agent> A reference to a user (a person) not represented by a FHIR resource: <agent> <userId> <value value="http://acme.com/users/34"/> </userId> </agent> For Provenance.entity, the code in the .type element is used to differentiate between the two cases: if the code is in the system "http://hl7.org/fhir/resource-types", then the reference is to a resource, and the element reference functions exactly the same as in a resource reference . A version specific reference to a FHIR resource on the same server: <entity> <type> <system value="http://hl7.org/fhir/resource-types"/> <code value="Patient"/> </type> <reference value="Patient/34/_history/3"/> </entity> In effect, this is the same pattern as a standard resource reference, but the type becomes extensible to allow referencing other kinds of resources. A reference to an entity (a person) not represented by a FHIR resource: <entity> <type> <system value="http://hl7.org/fhir/provenance-participant-type"/> <code value="person"/> </type> <reference value="http://acme.com/users/34"/> </entity> One subtle issue with the use of the Provenance resource is to differentiate between whether the reference is to the resource itself, or whether the reference is to the real-world thing that the resource represents, e.g. was it the person involved in the activity, or the record of the person. For agents, it should be understood that the reference is to the real-world thing that the resource represents. Removal 6.3.4.5

A Provenance record can be recorded to indicate who deleted a Resource. If versioning is supported, the version that was deleted is referenced in Provenance.target; if versioning is not supported then Provenance.target contains the non-version reference. Provenance.entity is not used unless there is a business requirement to do so.

6.3.4.6 6.3.4.5 Use of Provenance to record Import and Transform

Provenance can be used to record activities of an automaton that transforms input. Such as middleware that extracts information from a HL7 v2 message and creates FHIR resources, or middleware that extracts information from an HL7 CDA document and creates FHIR resources, etc. The Provenance in these cases is recording the activity of the middleware.

The middleware in this case would, in addition to creating the target resources, create a Provenance resource that indicates all the target resources (using Provenance.target). The middleware is identified as one of the Provenance.agent elements, with the Provenance.agent.role of assembler.

The middleware may record the source as another Provenance.agent element.

The original content is optionally saved. This might be as a DocumentReference, or Binary. The Provenance.entity would then point at this original content.

The original source might include some form of 'provenance' to cover the history of the original content prior to the import transformation. This original source 'provenance' should be converted into FHIR Provenance records as appropriate.

6.3.5 Search Parameters

Search parameters for this resource. The common parameters also apply. See Searching for more information about searching in REST, messaging, and services.

~~end~~

Name	Type	Description	Expression	In Common
agent	reference	Who participated	Provenance.agent.who ( Practitioner , Organization , Device , Patient , PractitionerRole , RelatedPerson )
agent-role	token	What the agents role was	Provenance.agent.role	~~date End time with inclusive boundary, if not ongoing Provenance.period.end~~
~~entity-id~~ agent-type	token	~~Identity of entity~~ How the agent participated	~~Provenance.entity.what.as(Identifier)~~ Provenance.agent.type
~~entity-ref~~ entity	reference	Identity of entity	~~Provenance.entity.what.as(Reference)~~ Provenance.entity.what (Any)
location	reference	Where the activity occurred, if relevant	Provenance.location ( Location )
patient	reference	Target Reference(s) (usually version specific)	~~Provenance.target~~ Provenance.target.where(resolve() is Patient) ( Patient )
recorded	date	When the activity was recorded / updated	Provenance.recorded
signature-type	token	Indication of the reason the entity signed the object(s)	Provenance.signature.type
~~start~~ target	~~date~~ reference	~~Starting time with inclusive boundary~~ Target Reference(s) (usually version specific)	~~Provenance.period.start~~ Provenance.target (Any)
~~target~~ when	~~reference~~ date	~~Target Reference(s) (usually version specific)~~ When the activity occurred	~~Provenance.target (Any)~~ (Provenance.occurred as dateTime)