This page is part of the FHIR Specification (v3.2.0: R4 Ballot 1). The current version which supercedes this version is 5.0.0. For a full list of available versions, see the Directory of published versions . Page versions: R5 R4B R4 R3
Security Work Group | Maturity Level: 3 | Trial Use | Use Context: Not Intended for Production use |
This is a value set defined by the FHIR project.
Summary
Defining URL: | http://hl7.org/fhir/ValueSet/provenance-activity-type |
Name: | ProvenanceActivityType |
Definition: | This value set contains representative Activity Type codes, which includes codes from the HL7 DocumentCompletion, ActStatus, and DataOperations code system, W3C PROV-DM and PROV-N concepts and display names, several HL7 Lifecycle Event codes for which there are agreed upon definitions, and non-duplicated codes from the HL7 Security and Privacy Ontology Operations codes. |
Committee: | Security Work Group |
OID: | 2.16.840.1.113883.4.642.3.438 (for OID based terminology systems) |
Copyright: | This is a value set of representative Activity Type codes. |
Source Resource | XML / JSON |
This value set is used in the following places:
This value set includes codes from the following code systems:
http://hl7.org/fhir/v3/DocumentCompletion
http://hl7.org/fhir/v3/ActStatus
http://hl7.org/fhir/v3/DataOperation
http://hl7.org/fhir/w3c-provenance-activity-type
http://hl7.org/fhir/extra-activity-type
This expansion generated 20 Dec 2017
This value set contains 83 concepts
Expansion based on http://hl7.org/fhir/v3/ActCode version 2017-07-31, http://hl7.org/fhir/v3/DataOperation version 2017-07-31, http://hl7.org/fhir/extra-activity-type version 1.1.0, http://hl7.org/fhir/v3/ActStatus version 2017-07-31, http://hl7.org/fhir/w3c-provenance-activity-type version 1.1.0, http://hl7.org/fhir/v3/DocumentCompletion version 2017-07-31, http://hl7.org/fhir/ValueSet/v3-ObligationPolicy version 2014-03-26
Code | System | Display | Definition |
AU | http://hl7.org/fhir/v3/DocumentCompletion | authenticated | A completion status in which a document has been signed manually or electronically by one or more individuals who attest to its accuracy. No explicit determination is made that the assigned individual has performed the authentication. While the standard allows multiple instances of authentication, it would be typical to have a single instance of authentication, usually by the assigned individual. |
DI | http://hl7.org/fhir/v3/DocumentCompletion | dictated | A completion status in which information has been orally recorded but not yet transcribed. |
DO | http://hl7.org/fhir/v3/DocumentCompletion | documented | A completion status in which document content, other than dictation, has been received but has not been translated into the final electronic format. Examples include paper documents, whether hand-written or typewritten, and intermediate electronic forms, such as voice to text. |
IN | http://hl7.org/fhir/v3/DocumentCompletion | incomplete | A completion status in which information is known to be missing from a transcribed document. |
IP | http://hl7.org/fhir/v3/DocumentCompletion | in progress | A workflow status where the material has been assigned to personnel to perform the task of transcription. The document remains in this state until the document is transcribed. |
LA | http://hl7.org/fhir/v3/DocumentCompletion | legally authenticated | A completion status in which a document has been signed manually or electronically by the individual who is legally responsible for that document. This is the most mature state in the workflow progression. |
NU | http://hl7.org/fhir/v3/DocumentCompletion | nullified document | A completion status in which a document was created in error or was placed in the wrong chart. The document is no longer available. |
PA | http://hl7.org/fhir/v3/DocumentCompletion | pre-authenticated | A completion status in which a document is transcribed but not authenticated. |
UC | http://hl7.org/fhir/v3/DocumentCompletion | unsigned completed document | A completion status where the document is complete and there is no expectation that the document will be signed. |
normal | http://hl7.org/fhir/v3/ActStatus | normal | Encompasses the expected states of an Act, but excludes "nullified" and "obsolete" which represent unusual terminal states for the life-cycle. |
aborted | http://hl7.org/fhir/v3/ActStatus | aborted | The Act has been terminated prior to the originally intended completion. |
active | http://hl7.org/fhir/v3/ActStatus | active | The Act can be performed or is being performed |
cancelled | http://hl7.org/fhir/v3/ActStatus | cancelled | The Act has been abandoned before activation. |
completed | http://hl7.org/fhir/v3/ActStatus | completed | An Act that has terminated normally after all of its constituents have been performed. |
held | http://hl7.org/fhir/v3/ActStatus | held | An Act that is still in the preparatory stages has been put aside. No action can occur until the Act is released. |
new | http://hl7.org/fhir/v3/ActStatus | new | An Act that is in the preparatory stages and may not yet be acted upon |
suspended | http://hl7.org/fhir/v3/ActStatus | suspended | An Act that has been activated (actions could or have been performed against it), but has been temporarily disabled. No further action should be taken against it until it is released |
nullified | http://hl7.org/fhir/v3/ActStatus | nullified | This Act instance was created in error and has been 'removed' and is treated as though it never existed. A record is retained for audit purposes only. |
obsolete | http://hl7.org/fhir/v3/ActStatus | obsolete | This Act instance has been replaced by a new instance. |
OPERATE | http://hl7.org/fhir/v3/DataOperation | operate | Description:Act on an object or objects. |
CREATE | http://hl7.org/fhir/v3/DataOperation | create | Description:Fundamental operation in an Information System (IS) that results only in the act of bringing an object into existence. Note: The preceding definition is taken from the HL7 RBAC specification. There is no restriction on how the operation is invoked, e.g., via a user interface. For an HL7 Act, the state transitions per the HL7 Reference Information Model. |
DELETE | http://hl7.org/fhir/v3/DataOperation | delete | Description:Fundamental operation in an Information System (IS) that results only in the removal of information about an object from memory or storage. Note: The preceding definition is taken from the HL7 RBAC specification. There is no restriction on how the operation is invoked, e.g., via a user interface. |
EXECUTE | http://hl7.org/fhir/v3/DataOperation | execute | Description:Fundamental operation in an IS that results only in initiating performance of a single or set of programs (i.e., software objects). Note: The preceding definition is taken from the HL7 RBAC specification. There is no restriction on how the operation is invoked, e.g., via a user interface. |
READ | http://hl7.org/fhir/v3/DataOperation | read | Description:Fundamental operation in an Information System (IS) that results only in the flow of information about an object to a subject. Note: The preceding definition is taken from the HL7 RBAC specification. There is no restriction on how the operation is invoked, e.g., via a user interface. |
UPDATE | http://hl7.org/fhir/v3/DataOperation | revise | Definition:Fundamental operation in an Information System (IS) that results only in the revision or alteration of an object. Note: The preceding definition is taken from the HL7 RBAC specification. There is no restriction on how the operation is invoked, e.g., via a user interface. |
APPEND | http://hl7.org/fhir/v3/DataOperation | append | Description:Fundamental operation in an Information System (IS) that results only in the addition of information to an object already in existence. Note: The preceding definition is taken from the HL7 RBAC specification. There is no restriction on how the operation is invoked, e.g., via a user interface. |
MODIFYSTATUS | http://hl7.org/fhir/v3/DataOperation | modify status | Description:Change the status of an object representing an Act. |
ABORT | http://hl7.org/fhir/v3/DataOperation | abort | Description:Change the status of an object representing an Act to "aborted", i.e., terminated prior to the originally intended completion. For an HL7 Act, the state transitions per the HL7 Reference Information Model. |
ACTIVATE | http://hl7.org/fhir/v3/DataOperation | activate | Description:Change the status of an object representing an Act to "active", i.e., so it can be performed or is being performed, for the first time. (Contrast with REACTIVATE.) For an HL7 Act, the state transitions per the HL7 Reference Information Model. |
CANCEL | http://hl7.org/fhir/v3/DataOperation | cancel | Description:Change the status of an object representing an Act to "cancelled", i.e., abandoned before activation. For an HL7 Act, the state transitions per the HL7 Reference Information Model. |
COMPLETE | http://hl7.org/fhir/v3/DataOperation | complete | Description:Change the status of an object representing an Act to "completed", i.e., terminated normally after all of its constituents have been performed. For an HL7 Act, the state transitions per the HL7 Reference Information Model. |
HOLD | http://hl7.org/fhir/v3/DataOperation | hold | Description:Change the status of an object representing an Act to "held", i.e., put aside an Act that is still in preparatory stages. No action can occur until the Act is released. For an HL7 Act, the state transitions per the HL7 Reference Information Model. |
JUMP | http://hl7.org/fhir/v3/DataOperation | jump | Description:Change the status of an object representing an Act to a normal state. For an HL7 Act, the state transitions per the HL7 Reference Information Model. |
NULLIFY | http://hl7.org/fhir/v3/DataOperation | nullify | Description:Change the status of an object representing an Act to "nullified", i.e., treat as though it never existed. For an HL7 Act, the state transitions per the HL7 Reference Information Model. |
OBSOLETE | http://hl7.org/fhir/v3/DataOperation | obsolete | Description:Change the status of an object representing an Act to "obsolete" when it has been replaced by a new instance. For an HL7 Act, the state transitions per the HL7 Reference Information Model. |
REACTIVATE | http://hl7.org/fhir/v3/DataOperation | reactivate | Description:Change the status of a formerly active object representing an Act to "active", i.e., so it can again be performed or is being performed. (Contrast with ACTIVATE.) For an HL7 Act, the state transitions per the HL7 Reference Information Model. |
RELEASE | http://hl7.org/fhir/v3/DataOperation | release | Description:Change the status of an object representing an Act so it is no longer "held", i.e., allow action to occur. For an HL7 Act, the state transitions per the HL7 Reference Information Model. |
RESUME | http://hl7.org/fhir/v3/DataOperation | resume | Description:Change the status of a suspended object representing an Act to "active", i.e., so it can be performed or is being performed. For an HL7 Act, the state transitions per the HL7 Reference Information Model. |
SUSPEND | http://hl7.org/fhir/v3/DataOperation | suspend | Definition:Change the status of an object representing an Act to suspended, i.e., so it is temporarily not in service. |
ObligationPolicy | http://hl7.org/fhir/v3/ActCode | obligation policy | Conveys the mandated workflow action that an information custodian, receiver, or user must perform. Usage Notes: Per ISO 22600-2, ObligationPolicy instances 'are event-triggered and define actions to be performed by manager agent'. Per HL7 Composite Security and Privacy Domain Analysis Model: This value set refers to the action required to receive the permission specified in the privacy rule. Per OASIS XACML, an obligation is an operation specified in a policy or policy that is performed in conjunction with the enforcement of an access control decision. |
ANONY | http://hl7.org/fhir/v3/ActCode | anonymize | Custodian system must remove any information that could result in identifying the information subject. |
AOD | http://hl7.org/fhir/v3/ActCode | accounting of disclosure | Custodian system must make available to an information subject upon request an accounting of certain disclosures of the individual’s protected health information over a period of time. Policy may dictate that the accounting include information about the information disclosed, the date of disclosure, the identification of the receiver, the purpose of the disclosure, the time in which the disclosing entity must provide a response and the time period for which accountings of disclosure can be requested. |
AUDIT | http://hl7.org/fhir/v3/ActCode | audit | Custodian system must monitor systems to ensure that all users are authorized to operate on information objects. |
AUDTR | http://hl7.org/fhir/v3/ActCode | audit trail | Custodian system must monitor and maintain retrievable log for each user and operation on information. |
CPLYCC | http://hl7.org/fhir/v3/ActCode | comply with confidentiality code | Custodian security system must retrieve, evaluate, and comply with the information handling directions of the Confidentiality Code associated with an information target. |
CPLYCD | http://hl7.org/fhir/v3/ActCode | comply with consent directive | Custodian security system must retrieve, evaluate, and comply with applicable information subject consent directives. |
CPLYJPP | http://hl7.org/fhir/v3/ActCode | comply with jurisdictional privacy policy | Custodian security system must retrieve, evaluate, and comply with applicable jurisdictional privacy policies associated with the target information. |
CPLYOPP | http://hl7.org/fhir/v3/ActCode | comply with organizational privacy policy | Custodian security system must retrieve, evaluate, and comply with applicable organizational privacy policies associated with the target information. |
CPLYOSP | http://hl7.org/fhir/v3/ActCode | comply with organizational security policy | Custodian security system must retrieve, evaluate, and comply with the organizational security policies associated with the target information. |
CPLYPOL | http://hl7.org/fhir/v3/ActCode | comply with policy | Custodian security system must retrieve, evaluate, and comply with applicable policies associated with the target information. |
DECLASSIFYLABEL | http://hl7.org/fhir/v3/ActCode | declassify security label | Custodian security system must declassify information assigned security labels by instantiating a new version of the classified information so as to break the binding of the classifying security label when assigning a new security label that marks the information as unclassified in accordance with applicable jurisdictional privacy policies associated with the target information. The system must retain an immutable record of the previous assignment and binding. |
DEID | http://hl7.org/fhir/v3/ActCode | deidentify | Custodian system must strip information of data that would allow the identification of the source of the information or the information subject. |
DELAU | http://hl7.org/fhir/v3/ActCode | delete after use | Custodian system must remove target information from access after use. |
DOWNGRDLABEL | http://hl7.org/fhir/v3/ActCode | downgrade security label | Custodian security system must downgrade information assigned security labels by instantiating a new version of the classified information so as to break the binding of the classifying security label when assigning a new security label that marks the information as classified at a less protected level in accordance with applicable jurisdictional privacy policies associated with the target information. The system must retain an immutable record of the previous assignment and binding. |
DRIVLABEL | http://hl7.org/fhir/v3/ActCode | derive security label | Custodian security system must assign and bind security labels derived from compilations of information by aggregation or disaggregation in order to classify information compiled in the information systems under its control for collection, access, use and disclosure in accordance with applicable jurisdictional privacy policies associated with the target information. The system must retain an immutable record of the previous assignment and binding. |
ENCRYPT | http://hl7.org/fhir/v3/ActCode | encrypt | Custodian system must render information unreadable by algorithmically transforming plaintext into ciphertext. Usage Notes: A mathematical transposition of a file or data stream so that it cannot be deciphered at the receiving end without the proper key. Encryption is a security feature that assures that only the parties who are supposed to be participating in a videoconference or data transfer are able to do so. It can include a password, public and private keys, or a complex combination of all. (Per Infoway.) |
ENCRYPTR | http://hl7.org/fhir/v3/ActCode | encrypt at rest | Custodian system must render information unreadable and unusable by algorithmically transforming plaintext into ciphertext when "at rest" or in storage. |
ENCRYPTT | http://hl7.org/fhir/v3/ActCode | encrypt in transit | Custodian system must render information unreadable and unusable by algorithmically transforming plaintext into ciphertext while "in transit" or being transported by any means. |
ENCRYPTU | http://hl7.org/fhir/v3/ActCode | encrypt in use | Custodian system must render information unreadable and unusable by algorithmically transforming plaintext into ciphertext while in use such that operations permitted on the target information are limited by the license granted to the end user. |
HUAPRV | http://hl7.org/fhir/v3/ActCode | human approval | Custodian system must require human review and approval for permission requested. |
LABEL | http://hl7.org/fhir/v3/ActCode | assign security label | Custodian security system must assign and bind security labels in order to classify information created in the information systems under its control for collection, access, use and disclosure in accordance with applicable jurisdictional privacy policies associated with the target information. The system must retain an immutable record of the assignment and binding. Usage Note: In security systems, security policy label assignments do not change, they may supersede prior assignments, and such reassignments are always tracked for auditing and other purposes. |
MASK | http://hl7.org/fhir/v3/ActCode | mask | Custodian system must render information unreadable and unusable by algorithmically transforming plaintext into ciphertext. User may be provided a key to decrypt per license or "shared secret". |
MINEC | http://hl7.org/fhir/v3/ActCode | minimum necessary | Custodian must limit access and disclosure to the minimum information required to support an authorized user's purpose of use. Usage Note: Limiting the information available for access and disclosure to that an authorized user or receiver "needs to know" in order to perform permitted workflow or purpose of use. |
PERSISTLABEL | http://hl7.org/fhir/v3/ActCode | persist security label | Custodian security system must persist the binding of security labels to classify information received or imported by information systems under its control for collection, access, use and disclosure in accordance with applicable jurisdictional privacy policies associated with the target information. The system must retain an immutable record of the assignment and binding. |
PRIVMARK | http://hl7.org/fhir/v3/ActCode | privacy mark | Custodian must create and/or maintain human readable security label tags as required by policy. Map: Aligns with ISO 22600-3 Section A.3.4.3 description of privacy mark: "If present, the privacy-mark is not used for access control. The content of the privacy-mark may be defined by the security policy in force (identified by the security-policy-identifier) which may define a list of values to be used. Alternately, the value may be determined by the originator of the security-label." |
PSEUD | http://hl7.org/fhir/v3/ActCode | pseudonymize | Custodian system must strip information of data that would allow the identification of the source of the information or the information subject. Custodian may retain a key to relink data necessary to reidentify the information subject. |
REDACT | http://hl7.org/fhir/v3/ActCode | redact | Custodian system must remove information, which is not authorized to be access, used, or disclosed from records made available to otherwise authorized users. |
UPGRDLABEL | http://hl7.org/fhir/v3/ActCode | upgrade security label | Custodian security system must declassify information assigned security labels by instantiating a new version of the classified information so as to break the binding of the classifying security label when assigning a new security label that marks the information as classified at a more protected level in accordance with applicable jurisdictional privacy policies associated with the target information. The system must retain an immutable record of the previous assignment and binding. |
Generation | http://hl7.org/fhir/w3c-provenance-activity-type | wasGeneratedBy | The completion of production of a new entity by an activity. This entity did not exist before generation and becomes available for usage after this generation. Given that a generation is the completion of production of an entity, it is instantaneous. |
Usage | http://hl7.org/fhir/w3c-provenance-activity-type | used | the beginning of utilizing an entity by an activity. Before usage, the activity had not begun to utilize this entity and could not have been affected by the entity. (Note: This definition is formulated for a given usage; it is permitted for an activity to have used a same entity multiple times.) Given that a usage is the beginning of utilizing an entity, it is instantaneous. |
Communication | http://hl7.org/fhir/w3c-provenance-activity-type | wasInformedBy | The exchange of some unspecified entity by two activities, one activity using some entity generated by the other. A communication implies that activity a2 is dependent on another activity, a1, by way of some unspecified entity that is generated by a1 and used by a2. |
Start | http://hl7.org/fhir/w3c-provenance-activity-type | wasStartedBy | When an activity is deemed to have been started by an entity, known as trigger. The activity did not exist before its start. Any usage, generation, or invalidation involving an activity follows the activity's start. A start may refer to a trigger entity that set off the activity, or to an activity, known as starter, that generated the trigger. Given that a start is when an activity is deemed to have started, it is instantaneous. |
End | http://hl7.org/fhir/w3c-provenance-activity-type | wasEndedBy | When an activity is deemed to have been ended by an entity, known as trigger. The activity no longer exists after its end. Any usage, generation, or invalidation involving an activity precedes the activity's end. An end may refer to a trigger entity that terminated the activity, or to an activity, known as ender that generated the trigger. |
Invalidation | http://hl7.org/fhir/w3c-provenance-activity-type | wasInvalidatedBy | The start of the destruction, cessation, or expiry of an existing entity by an activity. The entity is no longer available for use (or further invalidation) after invalidation. Any generation or usage of an entity precedes its invalidation. Given that an invalidation is the start of destruction, cessation, or expiry, it is instantaneous. |
Derivation | http://hl7.org/fhir/w3c-provenance-activity-type | wasDerivedFrom | A transformation of an entity into another, an update of an entity resulting in a new one, or the construction of a new entity based on a pre-existing entity. For an entity to be transformed from, created from, or resulting from an update to another, there must be some underpinning activity or activities performing the necessary action(s) resulting in such a derivation. A derivation can be described at various levels of precision. In its simplest form, derivation relates two entities. Optionally, attributes can be added to represent further information about the derivation. If the derivation is the result of a single known activity, then this activity can also be optionally expressed. To provide a completely accurate description of the derivation, the generation and usage of the generated and used entities, respectively, can be provided, so as to make the derivation path, through usage, activity, and generation, explicit. Optional information such as activity, generation, and usage can be linked to derivations to aid analysis of provenance and to facilitate provenance-based reproducibility. |
Revision | http://hl7.org/fhir/w3c-provenance-activity-type | wasRevisionOf | A derivation for which the resulting entity is a revised version of some original. The implication here is that the resulting entity contains substantial content from the original. A revision relation is a kind of derivation relation from a revised entity to a preceding entity. |
Quotation | http://hl7.org/fhir/w3c-provenance-activity-type | wasQuotedFrom | The repeat of (some or all of) an entity, such as text or image, by someone who might or might not be its original author. A quotation relation is a kind of derivation relation, for which an entity was derived from a preceding entity by copying, or 'quoting', some or all of it. |
Primary-Source | http://hl7.org/fhir/w3c-provenance-activity-type | wasPrimarySourceOf | Refers to something produced by some agent with direct experience and knowledge about the topic, at the time of the topic's study, without benefit from hindsight. Because of the directness of primary sources, they 'speak for themselves' in ways that cannot be captured through the filter of secondary sources. As such, it is important for secondary sources to reference those primary sources from which they were derived, so that their reliability can be investigated. It is also important to note that a given entity might be a primary source for one entity but not another. It is the reason why Primary Source is defined as a relation as opposed to a subtype of Entity. |
Attribution | http://hl7.org/fhir/w3c-provenance-activity-type | wasAttributedTo | Ascribing of an entity (object/document) to an agent. |
Collection | http://hl7.org/fhir/w3c-provenance-activity-type | isCollectionOf | An aggregating activity that results in composition of an entity, which provides a structure to some constituents that must themselves be entities. These constituents are said to be member of the collections. |
aggregate | http://hl7.org/fhir/extra-activity-type | aggregate | Activity resulting in a structured collection of preexisting content that does not necessarily result in an integral object with semantic context making it more than the sum of component parts, from which components could be disaggregated without loss of semantic context, e.g., the assembly of multiple stand-alone documents. |
compose | http://hl7.org/fhir/extra-activity-type | compose | Activity resulting in the structured compilation of new and preexisting content for the purposes of forming an integral object with semantic context making it more than the sum of component parts, which would be lost if decomposed. For example, the composition of a document that includes in whole or part other documents along with new content that result in a new document that has unique semantic meaning. |
label | http://hl7.org/fhir/extra-activity-type | label | The means used to associate a set of security attributes with a specific information object as part of the data structure for that object. [ISO-10181-3 Access Control] |
See the full registry of value sets defined as part of FHIR.
Explanation of the columns that may appear on this page:
Lvl | A few code lists that FHIR defines are hierarchical - each code is assigned a level. For value sets, levels are mostly used to organise codes for user convenience, but may follow code system hierarchy - see Code System for further information |
Source | The source of the definition of the code (when the value set draws in codes defined elsewhere) |
Code | The code (used as the code in the resource instance). If the code is in italics, this indicates that the code is not selectable ('Abstract') |
Display | The display (used in the display element of a Coding). If there is no display, implementers should not simply display the code, but map the concept into their application |
Definition | An explanation of the meaning of the concept |
Comments | Additional notes about how to use the code |