Release 5 Preview #2

This page is part of the FHIR Specification (v4.4.0: R5 Preview #2). The current version which supercedes this version is 5.0.0. For a full list of available versions, see the Directory of published versions . Page versions: R5 R4B R4 R3

4.4.1.205 Value Set http://hl7.org/fhir/ValueSet/provenance-activity-type

Security Work Group Maturity Level: 3Trial Use Use Context: Any

This is a value set defined by the FHIR project.

Summary

Defining URL:http://hl7.org/fhir/ValueSet/provenance-activity-type
Version:4.4.0
Name:ProvenanceActivityType
Title:Provenance activity type
Definition:

This value set contains representative Activity Type codes, which includes codes from the HL7 DocumentCompletion, ActStatus, and DataOperations code system, W3C PROV-DM and PROV-N concepts and display names, several HL7 Lifecycle Event codes for which there are agreed upon definitions, and non-duplicated codes from the HL7 Security and Privacy Ontology Operations codes.

Committee:Security Work Group
OID:2.16.840.1.113883.4.642.3.438 (for OID based terminology systems)
Copyright:

This is a value set of representative Activity Type codes.

Source ResourceXML / JSON

This value set is used in the following places:


  • Include these codes as defined in http://terminology.hl7.org/CodeSystem/v3-DocumentCompletion
    CodeDisplay
    LAlegally authenticatedA completion status in which a document has been signed manually or electronically by the individual who is legally responsible for that document. This is the most mature state in the workflow progression.
  • Include these codes as defined in http://terminology.hl7.org/CodeSystem/v3-ActCode
    CodeDisplay
    ANONYanonymizeCustodian system must remove any information that could result in identifying the information subject.
    DEIDdeidentifyCustodian system must strip information of data that would allow the identification of the source of the information or the information subject.
    MASKmaskCustodian system must render information unreadable and unusable by algorithmically transforming plaintext into ciphertext. User may be provided a key to decrypt per license or "shared secret".
    LABELassign security labelCustodian security system must assign and bind security labels in order to classify information created in the information systems under its control for collection, access, use and disclosure in accordance with applicable jurisdictional privacy policies associated with the target information. The system must retain an immutable record of the assignment and binding.
    Usage Note: In security systems, security policy label assignments do not change, they may supersede prior assignments, and such reassignments are always tracked for auditing and other purposes.
    PSEUDpseudonymizeCustodian system must strip information of data that would allow the identification of the source of the information or the information subject. Custodian may retain a key to relink data necessary to reidentify the information subject.
  • Include these codes as defined in http://terminology.hl7.org/CodeSystem/v3-DataOperation
    CodeDisplay
    CREATEcreateDescription:Fundamental operation in an Information System (IS) that results only in the act of bringing an object into existence. Note: The preceding definition is taken from the HL7 RBAC specification. There is no restriction on how the operation is invoked, e.g., via a user interface. For an HL7 Act, the state transitions per the HL7 Reference Information Model.
    DELETEdeleteDescription:Fundamental operation in an Information System (IS) that results only in the removal of information about an object from memory or storage. Note: The preceding definition is taken from the HL7 RBAC specification. There is no restriction on how the operation is invoked, e.g., via a user interface.
    UPDATEreviseDefinition:Fundamental operation in an Information System (IS) that results only in the revision or alteration of an object. Note: The preceding definition is taken from the HL7 RBAC specification. There is no restriction on how the operation is invoked, e.g., via a user interface.
    APPENDappendDescription:Fundamental operation in an Information System (IS) that results only in the addition of information to an object already in existence. Note: The preceding definition is taken from the HL7 RBAC specification. There is no restriction on how the operation is invoked, e.g., via a user interface.
    NULLIFYnullifyDescription:Change the status of an object representing an Act to "nullified", i.e., treat as though it never existed. For an HL7 Act, the state transitions per the HL7 Reference Information Model.
  • Include all codes defined in http://terminology.hl7.org/CodeSystem/iso-21089-lifecycle

This value set includes codes based on the following rules:

 

This expansion generated 03 May 2020


This value set contains 38 concepts

CodeSystemDisplayLogical Definition (CLD)
LAhttp://terminology.hl7.org/CodeSystem/v3-DocumentCompletionlegally authenticatedA completion status in which a document has been signed manually or electronically by the individual who is legally responsible for that document. This is the most mature state in the workflow progression.
ANONYhttp://terminology.hl7.org/CodeSystem/v3-ActCodeanonymizeCustodian system must remove any information that could result in identifying the information subject.
DEIDhttp://terminology.hl7.org/CodeSystem/v3-ActCodedeidentifyCustodian system must strip information of data that would allow the identification of the source of the information or the information subject.
MASKhttp://terminology.hl7.org/CodeSystem/v3-ActCodemaskCustodian system must render information unreadable and unusable by algorithmically transforming plaintext into ciphertext. User may be provided a key to decrypt per license or "shared secret".
LABELhttp://terminology.hl7.org/CodeSystem/v3-ActCodeassign security labelCustodian security system must assign and bind security labels in order to classify information created in the information systems under its control for collection, access, use and disclosure in accordance with applicable jurisdictional privacy policies associated with the target information. The system must retain an immutable record of the assignment and binding. Usage Note: In security systems, security policy label assignments do not change, they may supersede prior assignments, and such reassignments are always tracked for auditing and other purposes.
PSEUDhttp://terminology.hl7.org/CodeSystem/v3-ActCodepseudonymizeCustodian system must strip information of data that would allow the identification of the source of the information or the information subject. Custodian may retain a key to relink data necessary to reidentify the information subject.
CREATEhttp://terminology.hl7.org/CodeSystem/v3-DataOperationcreateDescription:Fundamental operation in an Information System (IS) that results only in the act of bringing an object into existence. Note: The preceding definition is taken from the HL7 RBAC specification. There is no restriction on how the operation is invoked, e.g., via a user interface. For an HL7 Act, the state transitions per the HL7 Reference Information Model.
DELETEhttp://terminology.hl7.org/CodeSystem/v3-DataOperationdeleteDescription:Fundamental operation in an Information System (IS) that results only in the removal of information about an object from memory or storage. Note: The preceding definition is taken from the HL7 RBAC specification. There is no restriction on how the operation is invoked, e.g., via a user interface.
UPDATEhttp://terminology.hl7.org/CodeSystem/v3-DataOperationreviseDefinition:Fundamental operation in an Information System (IS) that results only in the revision or alteration of an object. Note: The preceding definition is taken from the HL7 RBAC specification. There is no restriction on how the operation is invoked, e.g., via a user interface.
APPENDhttp://terminology.hl7.org/CodeSystem/v3-DataOperationappendDescription:Fundamental operation in an Information System (IS) that results only in the addition of information to an object already in existence. Note: The preceding definition is taken from the HL7 RBAC specification. There is no restriction on how the operation is invoked, e.g., via a user interface.
NULLIFYhttp://terminology.hl7.org/CodeSystem/v3-DataOperationnullifyDescription:Change the status of an object representing an Act to "nullified", i.e., treat as though it never existed. For an HL7 Act, the state transitions per the HL7 Reference Information Model.
accesshttp://terminology.hl7.org/CodeSystem/iso-21089-lifecycleAccess/View Record Lifecycle EventOccurs when an agent causes the system to obtain and open a record entry for inspection or review.
holdhttp://terminology.hl7.org/CodeSystem/iso-21089-lifecycleAdd Legal Hold Record Lifecycle EventOccurs when an agent causes the system to tag or otherwise indicate special access management and suspension of record entry deletion/destruction, if deemed relevant to a lawsuit or which are reasonably anticipated to be relevant or to fulfill organizational policy under the legal doctrine of “duty to preserve”.
amendhttp://terminology.hl7.org/CodeSystem/iso-21089-lifecycleAmend (Update) Record Lifecycle EventOccurs when an agent makes any change to record entry content currently residing in storage considered permanent (persistent).
archivehttp://terminology.hl7.org/CodeSystem/iso-21089-lifecycleArchive Record Lifecycle EventOccurs when an agent causes the system to create and move archive artifacts containing record entry content, typically to long-term offline storage.
attesthttp://terminology.hl7.org/CodeSystem/iso-21089-lifecycleAttest Record Lifecycle EventOccurs when an agent causes the system to capture the agent’s digital signature (or equivalent indication) during formal validation of record entry content.
decrypthttp://terminology.hl7.org/CodeSystem/iso-21089-lifecycleDecrypt Record Lifecycle EventOccurs when an agent causes the system to decode record entry content from a cipher.
deidentifyhttp://terminology.hl7.org/CodeSystem/iso-21089-lifecycleDe-Identify (Anononymize) Record Lifecycle EventOccurs when an agent causes the system to scrub record entry content to reduce the association between a set of identifying data and the data subject in a way that might or might not be reversible.
deprecatehttp://terminology.hl7.org/CodeSystem/iso-21089-lifecycleDeprecate Record Lifecycle EventOccurs when an agent causes the system to tag record entry(ies) as obsolete, erroneous or untrustworthy, to warn against its future use.
destroyhttp://terminology.hl7.org/CodeSystem/iso-21089-lifecycleDestroy/Delete Record Lifecycle EventOccurs when an agent causes the system to permanently erase record entry content from the system.
disclosehttp://terminology.hl7.org/CodeSystem/iso-21089-lifecycleDisclose Record Lifecycle EventOccurs when an agent causes the system to release, transfer, provision access to, or otherwise divulge record entry content.
encrypthttp://terminology.hl7.org/CodeSystem/iso-21089-lifecycleEncrypt Record Lifecycle EventOccurs when an agent causes the system to encode record entry content in a cipher.
extracthttp://terminology.hl7.org/CodeSystem/iso-21089-lifecycleExtract Record Lifecycle EventOccurs when an agent causes the system to selectively pull out a subset of record entry content, based on explicit criteria.
linkhttp://terminology.hl7.org/CodeSystem/iso-21089-lifecycleLink Record Lifecycle EventOccurs when an agent causes the system to connect related record entries.
mergehttp://terminology.hl7.org/CodeSystem/iso-21089-lifecycleMerge Record Lifecycle EventOccurs when an agent causes the system to combine or join content from two or more record entries, resulting in a single logical record entry.
originatehttp://terminology.hl7.org/CodeSystem/iso-21089-lifecycleOriginate/Retain Record Lifecycle EventOccurs when an agent causes the system to: a) initiate capture of potential record content, and b) incorporate that content into the storage considered a permanent part of the health record.
pseudonymizehttp://terminology.hl7.org/CodeSystem/iso-21089-lifecyclePseudonymize Record Lifecycle EventOccurs when an agent causes the system to remove record entry content to reduce the association between a set of identifying data and the data subject in a way that may be reversible.
reactivatehttp://terminology.hl7.org/CodeSystem/iso-21089-lifecycleRe-activate Record Lifecycle EventOccurs when an agent causes the system to recreate or restore full status to record entries previously deleted or deprecated.
receivehttp://terminology.hl7.org/CodeSystem/iso-21089-lifecycleReceive/Retain Record Lifecycle EventOccurs when an agent causes the system to a) initiate capture of data content from elsewhere, and b) incorporate that content into the storage considered a permanent part of the health record.
reidentifyhttp://terminology.hl7.org/CodeSystem/iso-21089-lifecycleRe-identify Record Lifecycle EventOccurs when an agent causes the system to restore information to data that allows identification of information source and/or information subject.
unholdhttp://terminology.hl7.org/CodeSystem/iso-21089-lifecycleRemove Legal Hold Record Lifecycle EventOccurs when an agent causes the system to remove a tag or other cues for special access management had required to fulfill organizational policy under the legal doctrine of “duty to preserve”.
reporthttp://terminology.hl7.org/CodeSystem/iso-21089-lifecycleReport (Output) Record Lifecycle EventOccurs when an agent causes the system to produce and deliver record entry content in a particular form and manner.
restorehttp://terminology.hl7.org/CodeSystem/iso-21089-lifecycleRestore Record Lifecycle EventOccurs when an agent causes the system to recreate record entries and their content from a previous created archive artefact.
transformhttp://terminology.hl7.org/CodeSystem/iso-21089-lifecycleTransform/Translate Record Lifecycle EventOccurs when an agent causes the system to change the form, language or code system used to represent record entry content.
transmithttp://terminology.hl7.org/CodeSystem/iso-21089-lifecycleTransmit Record Lifecycle EventOccurs when an agent causes the system to send record entry content from one (EHR/PHR/other) system to another.
unlinkhttp://terminology.hl7.org/CodeSystem/iso-21089-lifecycleUnlink Record Lifecycle EventOccurs when an agent causes the system to disconnect two or more record entries previously connected, rendering them separate (disconnected) again.
unmergehttp://terminology.hl7.org/CodeSystem/iso-21089-lifecycleUnmerge Record Lifecycle EventOccurs when an agent causes the system to reverse a previous record entry merge operation, rendering them separate again.
verifyhttp://terminology.hl7.org/CodeSystem/iso-21089-lifecycleVerify Record Lifecycle EventOccurs when an agent causes the system to confirm compliance of data or data objects with regulations, requirements, specifications, or other imposed conditions based on organizational policy.

 

See the full registry of value sets defined as part of FHIR.


Explanation of the columns that may appear on this page:

LvlA few code lists that FHIR defines are hierarchical - each code is assigned a level. For value sets, levels are mostly used to organize codes for user convenience, but may follow code system hierarchy - see Code System for further information
SourceThe source of the definition of the code (when the value set draws in codes defined elsewhere)
CodeThe code (used as the code in the resource instance). If the code is in italics, this indicates that the code is not selectable ('Abstract')
DisplayThe display (used in the display element of a Coding). If there is no display, implementers should not simply display the code, but map the concept into their application
DefinitionAn explanation of the meaning of the concept
CommentsAdditional notes about how to use the code