R4 Ballot #2 (Mixed Normative/Trial use)

This page is part of the FHIR Specification (v3.5.0: R4 Ballot #2). The current version which supercedes this version is 5.0.0. For a full list of available versions, see the Directory of published versions . Page versions: R5 R4B R4

Security Work Group Maturity Level: 1Trial Use Use Context: Any

Definitions for the provenance-relevant-history Profile.

Provenance
Element IdProvenance
Definition

Provenance of a resource is a record that describes entities and processes involved in producing and delivering or otherwise influencing that resource. Provenance provides a critical foundation for assessing authenticity, enabling trust, and allowing reproducibility. Provenance assertions are a form of contextual metadata and can themselves become important records with their own provenance. Provenance statement indicates clinical significance in terms of confidence in authenticity, reliability, and trustworthiness, integrity, and stage in lifecycle (e.g. Document Completion - has the artifact been legally authenticated), all of which may impact security, privacy, and trust policies.

Control0..*
Alternate NamesHistory, Event, Activity
Comments

Some parties may be duplicated between the target resource and its provenance. For instance, the prescriber is usually (but not always) the author of the prescription resource. This resource is defined with close consideration for W3C Provenance.

Invariants
Inherited by this element
dom-2RuleIf the resource is contained in another resource, it SHALL NOT contain nested Resourcescontained.contained.empty()
dom-3RuleIf the resource is contained in another resource, it SHALL be referred to from elsewhere in the resource or SHALL refer to the containing resourcecontained.where((('#'+id in (%resource.descendants().reference | %resource.descendants().as(canonical) | %resource.descendants().as(uri) | %resource.descendants().as(url))) or descendants().where(reference = '#').exists() or descendants().where(as(canonical) = '#').exists() or descendants().where(as(canonical) = '#').exists()).not()).trace('unmatched', id).empty()
dom-4RuleIf a resource is contained in another resource, it SHALL NOT have a meta.versionId or a meta.lastUpdatedcontained.meta.versionId.empty() and contained.meta.lastUpdated.empty()
dom-5RuleIf a resource is contained in another resource, it SHALL NOT have a security labelcontained.meta.security.empty()
dom-6GuidelineA resource should have narrative for robust managementtext.div.exists()
This is (only) a best practice guideline because:

When a resource has no narrative, only systems that fully understand the data can display the resource to a human safely. Including a guman readable representation in the resource makes for a much more robust eco-system and cheaper handling of resources by intermediary systems. Some ecosystems restrict distribution of resources to only those systems that do fully understand the resources, and as a consequence implementers may believe that the narrative is superfluous. However experience shows that such eco-systems often open up to new participants over time.

Provenance.id
Element IdProvenance.id
Definition

The logical id of the resource, as used in the URL for the resource. Once assigned, this value never changes.

Control0..1
Typeid
Comments

The only time that a resource does not have an id is when it is being submitted to the server using a create operation.

Provenance.meta
Element IdProvenance.meta
Definition

The metadata about the resource. This is content that is maintained by the infrastructure. Changes to the content might not always be associated with version changes to the resource.

Control0..1
TypeMeta
Provenance.implicitRules
Element IdProvenance.implicitRules
Definition

A reference to a set of rules that were followed when the resource was constructed, and which must be understood when processing the content. Often, this is a reference to an implementation guide that defines the special rules along with other profiles etc.

Control0..1
Typeuri
Is Modifiertrue (Reason: This element is labeled as a modifier because the implicit rules may provide additional knowledge about the resource that modifies it's meaning or interpretation)
Comments

Asserting this rule set restricts the content to be only understood by a limited set of trading partners. This inherently limits the usefulness of the data in the long term. However, the existing health eco-system is highly fractured, and not yet ready to define, collect, and exchange data in a generally computable sense. Wherever possible, implementers and/or specification writers should avoid using this element. Often, when used, the URL is a reference to an implementation guide that defines these special rules as part of it's narrative along with other profiles, value sets, etc.

Provenance.language
Element IdProvenance.language
Definition

The base language in which the resource is written.

Control0..1
Terminology BindingA human language.
The codes SHOULD be taken from Language
Typecode
Comments

Language is provided to support indexing and accessibility (typically, services such as text to speech use the language tag). The html language tag in the narrative applies to the narrative. The language tag on the resource may be used to specify the language of other presentations generated from the data in the resource. Not all the content has to be in the base language. The Resource.language should not be assumed to apply to the narrative automatically. If a language is specified, it should it also be specified on the div element in the html (see rules in HTML5 for information about the relationship between xml:lang and the html lang attribute).

Provenance.text
Element IdProvenance.text
Definition

A human-readable narrative that contains a summary of the resource and can be used to represent the content of the resource to a human. The narrative need not encode all the structured data, but is required to contain sufficient detail to make it "clinically safe" for a human to just read the narrative. Resource definitions may define what content should be represented in the narrative to ensure clinical safety.

Control0..1
TypeNarrative
Alternate Namesnarrative, html, xhtml, display
Comments

Contained resources do not have narrative. Resources that are not contained SHOULD have a narrative. In some cases, a resource may only have text with little or no additional discrete data (as long as all minOccurs=1 elements are satisfied). This may be necessary for data from legacy systems where information is captured as a "text blob" or where text is additionally entered raw or narrated and encoded information is added later.

Provenance.contained
Element IdProvenance.contained
Definition

These resources do not have an independent existence apart from the resource that contains them - they cannot be identified independently, and nor can they have their own independent transaction scope.

Control0..*
TypeResource
Alternate Namesinline resources, anonymous resources, contained resources
Comments

This should never be done when the content can be identified properly, as once identification is lost, it is extremely difficult (and context dependent) to restore it again. Contained resources may have profiles and tags In their meta elements, but SHALL NOT have security labels.

Provenance.extension
Element IdProvenance.extension
Definition

May be used to represent additional information that is not part of the basic definition of the resource. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension.

Control0..*
TypeExtension
Alternate Namesextensions, user content
Comments

There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone.

Provenance.modifierExtension
Element IdProvenance.modifierExtension
Definition

May be used to represent additional information that is not part of the basic definition of the resource, and that modifies the understanding of the element that contains it. Usually modifier elements provide negation or qualification. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer is allowed to define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Applications processing a resource are required to check for modifier extensions.

Modifier extensions SHALL NOT change the meaning of any elements on Resource or DomainResource (including cannot change the meaning of modifierExtension itself).

Control0..*
TypeExtension
Is Modifiertrue (Reason: Modifier extensions are expected to modify the meaning or interpretation of the resource that contains them)
Alternate Namesextensions, user content
Comments

There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone.

Provenance.target
Element IdProvenance.target
Definition

This points to the version of the resource that was created as a result of this historical record action. Typically only a single resource will be referenced, but if the same action is performed to multiple resources in the context of a transaction, some systems may link multiple resource instances.

Control1..*
TypeReference(Resource)
Must Supporttrue
Comments

The reference SHALL be version-specific.

Provenance.occurred[x]
Element IdProvenance.occurred[x]
Definition

This indicates the time the resource action (creation, revision, deletion, etc.) occurred.

Control1..1
TypeChoice of: Period, dateTime
[x] NoteSee Choice of Data Types for further information about how to use [x]
Must Supporttrue
Comments

Both low and high will be set to the time the record event occurred. (In a future version, this element will likely be a choice with dateTime so that multiple values aren't needed.).

Provenance.recorded
Element IdProvenance.recorded
Definition

The instant of time at which the activity was recorded.

Control1..1
Typeinstant
Comments

This can be a little different from the time stamp on the resource if there is a delay between recording the event and updating the provenance and target resource.

Provenance.policy
Element IdProvenance.policy
Definition

Policy or plan the activity was defined by. Typically, a single activity may have multiple applicable policy documents, such as patient consent, guarantor funding, etc.

Control0..*
Typeuri
Comments

For example: Where an OAuth token authorizes, the unique identifier from the OAuth token is placed into the policy element Where a policy engine (e.g. XACML) holds policy logic, the unique policy identifier is placed into the policy element.

Provenance.location
Element IdProvenance.location
Definition

Where the activity occurred, if relevant.

Control0..1
TypeReference(Location)
Provenance.reason
Element IdProvenance.reason
Definition

The reason that the activity was taking place.

Control0..*
Terminology BindingThe reason the activity took place.
The codes SHALL be taken from V3 Value SetPurposeOfUse; other codes may be used where these codes are not suitable
TypeCodeableConcept
Must Supporttrue
Comments

Plain text reasons can be sent in the "text" component with no codings. Domains may wish to define a constrained terminology. The reason for the resource's existence of the resource itself will be maintained on the resource, not here.

Provenance.activity
Element IdProvenance.activity
Definition

Indicates what action occurred to the referenced resource.

Control1..1
Terminology BindingTypes of activities that are relevant for tracking event history using Provenance.
The codes SHALL be taken from Provenance History Record Activity Codes; other codes may be used where these codes are not suitable
TypeCodeableConcept
Must Supporttrue
Comments

This should be captured at a sufficiently useful level of granularity. For example "suspended" is more useful than "updated". Domains will need to map the listed codes to their own state transitions and may wish to define additional domain-specific fine-grained codes.

Provenance.agent
Element IdProvenance.agent
Definition

Who was involved with change.

Control1..*
TypeBackboneElement
Must Supporttrue
Requirements

An agent can be a person, an organization, software, device, or other entities that may be ascribed responsibility.

Comments

Generally the author will be specified. Others are optional.

Invariants
Inherited by this element
ele-1RuleAll FHIR elements must have a @value or childrenhasValue() or (children().count() > id.count())
SlicingThis element introduces a set of slices. The slicing rules are:
  • unordered
  • Open
  • discriminators: value:type
Provenance.agent.id
Element IdProvenance.agent.id
Definition

Unique id for the element within a resource (for internal references). This may be any string value that does not contain spaces.

Control0..1
Typestring
Provenance.agent.extension
Element IdProvenance.agent.extension
Definition

May be used to represent additional information that is not part of the basic definition of the element. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension.

Control0..*
TypeExtension
Alternate Namesextensions, user content
Comments

There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone.

Provenance.agent.modifierExtension
Element IdProvenance.agent.modifierExtension
Definition

May be used to represent additional information that is not part of the basic definition of the element and that modifies the understanding of the element in which it is contained. Usually modifier elements provide negation or qualification. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Applications processing a resource are required to check for modifier extensions.

Modifier extensions SHALL NOT change the meaning of any elements on Resource or DomainResource (including cannot change the meaning of modifierExtension itself).

Control0..*
TypeExtension
Is Modifiertrue (Reason: Modifier extensions are expected to modify the meaning or interpretation of the element that contains them)
Alternate Namesextensions, user content, modifiers
Comments

There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone.

Provenance.agent.type
Element IdProvenance.agent.type
Definition

The participation the agent had with respect to the activity.

Control1..1
Terminology BindingTypes of roles that agents can play when tracking event history using Provenance.
The codes SHALL be taken from Provenance Event History Agent Role Codes; other codes may be used where these codes are not suitable
TypeCodeableConcept
Must Supporttrue
Comments

For example: author, performer, enterer, attester, etc.

Provenance.agent.role
Element IdProvenance.agent.role
Definition

The function of the agent with respect to the activity. The security role enabling the agent with respect to the activity.

Control0..*
Terminology BindingThe role that a provenance agent played with respect to the activity.
For example codes, see SecurityRoleType
TypeCodeableConcept
Comments

For example: doctor, nurse, clerk, etc.

Provenance.agent.who
Element IdProvenance.agent.who
Definition

The individual, device or organization that participated in the event.

Control1..1
TypeReference(Practitioner)
Comments

whoIdentity should be used when the agent is not a Resource type.

Provenance.agent.onBehalfOf
Element IdProvenance.agent.onBehalfOf
Definition

The individual, device, or organization for whom the change was made.

Control0..1
TypeReference(Practitioner)
Comments

onBehalfOfIdentity should be used when the agent is not a Resource type.

Provenance.agent(Author)
Element IdProvenance.agent:Author
Definition

Author.

Control0..1
TypeBackboneElement
Must Supporttrue
Requirements

An agent can be a person, an organization, software, device, or other entities that may be ascribed responsibility.

Comments

Several agents may be associated (i.e. has some responsibility for an activity) with an activity and vice-versa.

Invariants
Inherited by this element
ele-1RuleAll FHIR elements must have a @value or childrenhasValue() or (children().count() > id.count())
Provenance.agent.id
Element IdProvenance.agent:Author.id
Definition

Unique id for the element within a resource (for internal references). This may be any string value that does not contain spaces.

Control0..1
Typestring
Provenance.agent.extension
Element IdProvenance.agent:Author.extension
Definition

May be used to represent additional information that is not part of the basic definition of the element. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension.

Control0..*
TypeExtension
Alternate Namesextensions, user content
Comments

There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone.

Provenance.agent.modifierExtension
Element IdProvenance.agent:Author.modifierExtension
Definition

May be used to represent additional information that is not part of the basic definition of the element and that modifies the understanding of the element in which it is contained. Usually modifier elements provide negation or qualification. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Applications processing a resource are required to check for modifier extensions.

Modifier extensions SHALL NOT change the meaning of any elements on Resource or DomainResource (including cannot change the meaning of modifierExtension itself).

Control0..*
TypeExtension
Is Modifiertrue (Reason: Modifier extensions are expected to modify the meaning or interpretation of the element that contains them)
Alternate Namesextensions, user content, modifiers
Comments

There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone.

Provenance.agent.type
Element IdProvenance.agent:Author.type
Definition

The participation the agent had with respect to the activity.

Control1..1
Terminology BindingThe type of participation that a provenance agent played with respect to the activity.
The codes SHALL be taken from Provenance participant type; other codes may be used where these codes are not suitable
TypeCodeableConcept
Must Supporttrue
Comments

For example: author, performer, enterer, attester, etc.

Pattern Value<valueCodeableConcept xmlns="http://hl7.org/fhir">
  <coding>
    <system value="http://terminology.hl7.org/CodeSystem/v3-ParticipationType"/>
    <code value="AUT"/>
  </coding>
</valueCodeableConcept>
Provenance.agent.role
Element IdProvenance.agent:Author.role
Definition

The function of the agent with respect to the activity. The security role enabling the agent with respect to the activity.

Control0..*
Terminology BindingThe role that a provenance agent played with respect to the activity.
For example codes, see SecurityRoleType
TypeCodeableConcept
Comments

For example: doctor, nurse, clerk, etc.

Provenance.agent.who
Element IdProvenance.agent:Author.who
Definition

Author Reference.

Control1..1
TypeReference(Practitioner)
Must Supporttrue
Comments

whoIdentity should be used when the agent is not a Resource type.

Provenance.agent.onBehalfOf
Element IdProvenance.agent:Author.onBehalfOf
Definition

The individual, device, or organization for whom the change was made.

Control0..1
TypeReference(Practitioner)
Comments

onBehalfOfIdentity should be used when the agent is not a Resource type.

Provenance.entity
Element IdProvenance.entity
Definition

An entity used in this activity.

Control0..*
TypeBackboneElement
Invariants
Inherited by this element
ele-1RuleAll FHIR elements must have a @value or childrenhasValue() or (children().count() > id.count())
Provenance.entity.id
Element IdProvenance.entity.id
Definition

Unique id for the element within a resource (for internal references). This may be any string value that does not contain spaces.

Control0..1
Typestring
Provenance.entity.extension
Element IdProvenance.entity.extension
Definition

May be used to represent additional information that is not part of the basic definition of the element. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension.

Control0..*
TypeExtension
Alternate Namesextensions, user content
Comments

There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone.

Provenance.entity.modifierExtension
Element IdProvenance.entity.modifierExtension
Definition

May be used to represent additional information that is not part of the basic definition of the element and that modifies the understanding of the element in which it is contained. Usually modifier elements provide negation or qualification. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Applications processing a resource are required to check for modifier extensions.

Modifier extensions SHALL NOT change the meaning of any elements on Resource or DomainResource (including cannot change the meaning of modifierExtension itself).

Control0..*
TypeExtension
Is Modifiertrue (Reason: Modifier extensions are expected to modify the meaning or interpretation of the element that contains them)
Alternate Namesextensions, user content, modifiers
Comments

There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone.

Provenance.entity.role
Element IdProvenance.entity.role
Definition

How the entity was used during the activity.

Control1..1
Terminology BindingHow an entity was used in an activity.
The codes SHALL be taken from ProvenanceEntityRole
Typecode
Provenance.entity.what
Element IdProvenance.entity.what
Definition

Identity of the Entity used. May be a logical or physical uri and maybe absolute or relative.

Control1..1
TypeReference(Resource)
Comments

whatIdentity should be used for entities that are not a Resource type.

Provenance.entity.agent
Element IdProvenance.entity.agent
Definition

The entity is attributed to an agent to express the agent's responsibility for that entity, possibly along with other agents. This description can be understood as shorthand for saying that the agent was responsible for the activity which generated the entity.

Control0..*
TypeSee Provenance.agent:Author
Comments

A usecase where one Provenance.entity.agent is used where the Entity that was used in the creation/updating of the Target, is not in the context of the same custodianship as the Target, and thus the meaning of Provenance.entity.agent is to say that the entity referenced is managed elsewhere and that this Agent provided access to it. This would be similar to where the Entity being referenced is managed outside FHIR, such as through HL7 v2, v3, or XDS. This might be where the Entity being referenced is managed in another FHIR resource server. Thus it explains the Provenance of that Entity's use in the context of this Provenance activity.

Provenance.signature
Element IdProvenance.signature
Definition

A digital signature on the target Reference(s). The signer should match a Provenance.agent. The purpose of the signature is indicated.

Control0..*
TypeSignature