Release 5 Preview #2
Security Work GroupMaturity Level: N/AStandards Status: Informative Compartments: Device, Patient, Practitioner, RelatedPerson

This is a representation of the json schema for Provenance, which is just a part of the full JSON Schema.

{
  "$schema": "http://json-schema.org/draft-06/schema#",
  "id": "http://hl7.org/fhir/json-schema/Provenance",
  "$ref": "#/definitions/Provenance",
  "description": "see http://hl7.org/fhir/json.html#schema for information about the FHIR Json Schemas",
  "definitions": {
    "Provenance": {
      "description": "Provenance of a resource is a record that describes entities and processes involved in producing and delivering or otherwise influencing that resource. Provenance provides a critical foundation for assessing authenticity, enabling trust, and allowing reproducibility. Provenance assertions are a form of contextual metadata and can themselves become important records with their own provenance. Provenance statement indicates clinical significance in terms of confidence in authenticity, reliability, and trustworthiness, integrity, and stage in lifecycle (e.g. Document Completion - has the artifact been legally authenticated), all of which may impact security, privacy, and trust policies.",
      "properties": {
        "resourceType": {
          "description": "This is a Provenance resource",
          "const": "Provenance"
        },
        "id": {
          "description": "The logical id of the resource, as used in the URL for the resource. Once assigned, this value never changes.",
          "$ref": "id.schema.json#/definitions/id"
        },
        "meta": {
          "description": "The metadata about the resource. This is content that is maintained by the infrastructure. Changes to the content might not always be associated with version changes to the resource.",
          "$ref": "Meta.schema.json#/definitions/Meta"
        },
        "implicitRules": {
          "description": "A reference to a set of rules that were followed when the resource was constructed, and which must be understood when processing the content. Often, this is a reference to an implementation guide that defines the special rules along with other profiles etc.",
          "$ref": "#/definitions/uri"
        },
        "_implicitRules": {
          "description": "Extensions for implicitRules",
          "$ref": "Element.schema.json#/definitions/Element"
        },
        "language": {
          "description": "The base language in which the resource is written.",
          "$ref": "#/definitions/code"
        },
        "_language": {
          "description": "Extensions for language",
          "$ref": "Element.schema.json#/definitions/Element"
        },
        "text": {
          "description": "A human-readable narrative that contains a summary of the resource and can be used to represent the content of the resource to a human. The narrative need not encode all the structured data, but is required to contain sufficient detail to make it \"clinically safe\" for a human to just read the narrative. Resource definitions may define what content should be represented in the narrative to ensure clinical safety.",
          "$ref": "Narrative.schema.json#/definitions/Narrative"
        },
        "contained": {
          "description": "These resources do not have an independent existence apart from the resource that contains them - they cannot be identified independently, and nor can they have their own independent transaction scope.",
          "items": {
            "$ref": "ResourceList.schema.json#/definitions/ResourceList"
          },
          "type": "array"
        },
        "extension": {
          "description": "May be used to represent additional information that is not part of the basic definition of the resource. To make the use of extensions safe and manageable, there is a strict set of governance  applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension.",
          "items": {
            "$ref": "Extension.schema.json#/definitions/Extension"
          },
          "type": "array"
        },
        "modifierExtension": {
          "description": "May be used to represent additional information that is not part of the basic definition of the resource and that modifies the understanding of the element that contains it and/or the understanding of the containing element\u0027s descendants. Usually modifier elements provide negation or qualification. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer is allowed to define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Applications processing a resource are required to check for modifier extensions.\n\nModifier extensions SHALL NOT change the meaning of any elements on Resource or DomainResource (including cannot change the meaning of modifierExtension itself).",
          "items": {
            "$ref": "Extension.schema.json#/definitions/Extension"
          },
          "type": "array"
        },
        "target": {
          "description": "The Reference(s) that were generated or updated by  the activity described in this resource. A provenance can point to more than one target if multiple resources were created/updated by the same activity.",
          "items": {
            "$ref": "Reference.schema.json#/definitions/Reference"
          },
          "type": "array"
        },
        "occurredPeriod": {
          "description": "The period during which the activity occurred.",
          "$ref": "Period.schema.json#/definitions/Period"
        },
        "occurredDateTime": {
          "description": "The period during which the activity occurred.",
          "pattern": "^([0-9]([0-9]([0-9][1-9]|[1-9]0)|[1-9]00)|[1-9]000)(-(0[1-9]|1[0-2])(-(0[1-9]|[1-2][0-9]|3[0-1])(T([01][0-9]|2[0-3]):[0-5][0-9]:([0-5][0-9]|60)(\\.[0-9]+)?(Z|(\\+|-)((0[0-9]|1[0-3]):[0-5][0-9]|14:00)))?)?)?$",
          "type": "string"
        },
        "_occurredDateTime": {
          "description": "Extensions for occurredDateTime",
          "$ref": "Element.schema.json#/definitions/Element"
        },
        "recorded": {
          "description": "The instant of time at which the activity was recorded.",
          "$ref": "#/definitions/instant"
        },
        "_recorded": {
          "description": "Extensions for recorded",
          "$ref": "Element.schema.json#/definitions/Element"
        },
        "policy": {
          "description": "Policy or plan the activity was defined by. Typically, a single activity may have multiple applicable policy documents, such as patient consent, guarantor funding, etc.",
          "items": {
            "$ref": "#/definitions/uri"
          },
          "type": "array"
        },
        "_policy": {
          "description": "Extensions for policy",
          "items": {
            "$ref": "Element.schema.json#/definitions/Element"
          },
          "type": "array"
        },
        "location": {
          "description": "Where the activity occurred, if relevant.",
          "$ref": "Reference.schema.json#/definitions/Reference"
        },
        "reason": {
          "description": "The reason that the activity was taking place.",
          "items": {
            "$ref": "CodeableConcept.schema.json#/definitions/CodeableConcept"
          },
          "type": "array"
        },
        "activity": {
          "description": "An activity is something that occurs over a period of time and acts upon or with entities; it may include consuming, processing, transforming, modifying, relocating, using, or generating entities.",
          "$ref": "CodeableConcept.schema.json#/definitions/CodeableConcept"
        },
        "agent": {
          "description": "An actor taking a role in an activity  for which it can be assigned some degree of responsibility for the activity taking place.",
          "items": {
            "$ref": "#/definitions/Provenance_Agent"
          },
          "type": "array"
        },
        "entity": {
          "description": "An entity used in this activity.",
          "items": {
            "$ref": "#/definitions/Provenance_Entity"
          },
          "type": "array"
        },
        "signature": {
          "description": "A digital signature on the target Reference(s). The signer should match a Provenance.agent. The purpose of the signature is indicated.",
          "items": {
            "$ref": "Signature.schema.json#/definitions/Signature"
          },
          "type": "array"
        }
      },
      "additionalProperties": false,
      "required": [
        "agent",
        "resourceType",
        "target"
      ]
    },
    "Provenance_Agent": {
      "description": "Provenance of a resource is a record that describes entities and processes involved in producing and delivering or otherwise influencing that resource. Provenance provides a critical foundation for assessing authenticity, enabling trust, and allowing reproducibility. Provenance assertions are a form of contextual metadata and can themselves become important records with their own provenance. Provenance statement indicates clinical significance in terms of confidence in authenticity, reliability, and trustworthiness, integrity, and stage in lifecycle (e.g. Document Completion - has the artifact been legally authenticated), all of which may impact security, privacy, and trust policies.",
      "properties": {
        "id": {
          "description": "Unique id for the element within a resource (for internal references). This may be any string value that does not contain spaces.",
          "$ref": "string.schema.json#/definitions/string"
        },
        "extension": {
          "description": "May be used to represent additional information that is not part of the basic definition of the element. To make the use of extensions safe and manageable, there is a strict set of governance  applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension.",
          "items": {
            "$ref": "Extension.schema.json#/definitions/Extension"
          },
          "type": "array"
        },
        "modifierExtension": {
          "description": "May be used to represent additional information that is not part of the basic definition of the element and that modifies the understanding of the element in which it is contained and/or the understanding of the containing element\u0027s descendants. Usually modifier elements provide negation or qualification. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Applications processing a resource are required to check for modifier extensions.\n\nModifier extensions SHALL NOT change the meaning of any elements on Resource or DomainResource (including cannot change the meaning of modifierExtension itself).",
          "items": {
            "$ref": "Extension.schema.json#/definitions/Extension"
          },
          "type": "array"
        },
        "type": {
          "description": "The primary act of participation of the agent with respect to the activity.",
          "$ref": "CodeableConcept.schema.json#/definitions/CodeableConcept"
        },
        "role": {
          "description": "The functional or structural roles of the agent indicating the agent\u0027s competency. The security role enabling the agent with respect to the activity.",
          "items": {
            "$ref": "CodeableConcept.schema.json#/definitions/CodeableConcept"
          },
          "type": "array"
        },
        "who": {
          "description": "The individual, device or organization that participated in the event.",
          "$ref": "Reference.schema.json#/definitions/Reference"
        },
        "onBehalfOf": {
          "description": "The individual, device, or organization for whom the change was made.",
          "$ref": "Reference.schema.json#/definitions/Reference"
        }
      },
      "additionalProperties": false,
      "required": [
        "who"
      ]
    },
    "Provenance_Entity": {
      "description": "Provenance of a resource is a record that describes entities and processes involved in producing and delivering or otherwise influencing that resource. Provenance provides a critical foundation for assessing authenticity, enabling trust, and allowing reproducibility. Provenance assertions are a form of contextual metadata and can themselves become important records with their own provenance. Provenance statement indicates clinical significance in terms of confidence in authenticity, reliability, and trustworthiness, integrity, and stage in lifecycle (e.g. Document Completion - has the artifact been legally authenticated), all of which may impact security, privacy, and trust policies.",
      "properties": {
        "id": {
          "description": "Unique id for the element within a resource (for internal references). This may be any string value that does not contain spaces.",
          "$ref": "string.schema.json#/definitions/string"
        },
        "extension": {
          "description": "May be used to represent additional information that is not part of the basic definition of the element. To make the use of extensions safe and manageable, there is a strict set of governance  applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension.",
          "items": {
            "$ref": "Extension.schema.json#/definitions/Extension"
          },
          "type": "array"
        },
        "modifierExtension": {
          "description": "May be used to represent additional information that is not part of the basic definition of the element and that modifies the understanding of the element in which it is contained and/or the understanding of the containing element\u0027s descendants. Usually modifier elements provide negation or qualification. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Applications processing a resource are required to check for modifier extensions.\n\nModifier extensions SHALL NOT change the meaning of any elements on Resource or DomainResource (including cannot change the meaning of modifierExtension itself).",
          "items": {
            "$ref": "Extension.schema.json#/definitions/Extension"
          },
          "type": "array"
        },
        "role": {
          "description": "How the entity was used during the activity.",
          "enum": [
            "derivation",
            "revision",
            "quotation",
            "source",
            "removal"
          ]
        },
        "_role": {
          "description": "Extensions for role",
          "$ref": "Element.schema.json#/definitions/Element"
        },
        "what": {
          "description": "Identity of the  Entity used. May be a logical or physical uri and maybe absolute or relative.",
          "$ref": "Reference.schema.json#/definitions/Reference"
        },
        "agent": {
          "description": "The entity is attributed to an agent to express the agent\u0027s responsibility for that entity, possibly along with other agents. This description can be understood as shorthand for saying that the agent was responsible for the activity which generated the entity.",
          "items": {
            "$ref": "#/definitions/Provenance_Agent"
          },
          "type": "array"
        }
      },
      "additionalProperties": false,
      "required": [
        "what"
      ]
    }
  }
}