Provenance Statements (FHIR Resource)
A Provenance statement is a FHIR record that describes Agents (actors), Entities (resources), and Activities (processes) involved in creating, transforming, or influencing a resource.
Purpose
Provenance provides:
- Traceability: Complete supply chain record for content
- Accountability: Who performed what actions
- Auditability: When and why changes occurred
- Trust basis: Foundation for CTF trust scores
FHIR Provenance Structure
Agents
Who was involved:
- Organizations (manufacturers, regulators)
- Individuals (authors, reviewers)
- Systems (Preprocessors, Connectors)
Entities
What resources were involved:
- Source resources (input)
- Derived resources (output)
- Related resources (context)
Activities
What happened:
- Creation
- Transformation (Preprocessing, Focusing)
- Retrieval (Connectors)
- Verification
- Signing
Time
When it occurred:
- Timestamp
- Period (start/end)
Reason
Why it happened:
- Purpose
- Policy
- Request
Provenance Chains
Resources may have multiple provenance records forming a chain:
Raw ePI
↓ (retrieved by Connector)
[Provenance 1: Connector retrieval]
↓
Cached ePI
↓ (annotated by Preprocessor)
[Provenance 2: Preprocessing]
↓
p(ePI)
↓ (personalized by Lens)
[Provenance 3: Focusing]
↓
f(ePI)
Generation in FOSPS
Provenance is automatically created by:
- Connectors: On resource retrieval
- Preprocessors: On annotation
- Focusing Manager: On focusing
- CTF: On signing/verification
Storage
Provenance records are stored in:
- FHIR Server alongside resources
- Audit Log for immutable backup
- Blockchain ledger for hash verification
Inspection
Provenance can be viewed using:
- CTF Inspector tool
- FHIR API queries
- Trust Functions for analysis
Related Concepts
- CTF - Trust framework using provenance
- Trust Function - Analyzes provenance
- Connectors - Generate provenance
- Preprocessor - Generate provenance
- Audit Log - Records activities
- FHIR Server - Stores provenance