NVD FHIR API integrācijas apraksts

Parakstīšanas prasības

Nozīmīga papildus informācija

Ar JWS specifikāciju var iepazīties šeit.
Ar JSON objekta veidošanu par iepazīties šeit.
Base64URL kodēšanas specifika ir aprakstīta šeit.
X-provenace galvenas laukā provenaces profilam atbilstošajos datos nepieciešams obligāti norādī provenaces profilu!

Piemērs:

{
    "meta": {
        "profile": [
            "https://vvis.gov.lv/fhir/StructureDefinition/Provenance/SignatureProvenance-v1"
        ]
    }
    <<<Biznesa dati>>>
}

.Net provenaces un paraksta izveidošanas piemērs aprakstīts zemāk.

Provenaces profils

NVD FHIR API nodrošina, ka atgriezto datu struktūra atbilst paraksta provinaces porfilam profilam Provenance for signed request validations:

SignatureProvenance (Provenance)	I		Provenance	There are no (further) constraints on this element Element id Provenance Short description Who, What, When for a set of resources Alternate names History, Event, Activity Definition Provenance of a resource is a record that describes entities and processes involved in producing and delivering or otherwise influencing that resource. Provenance provides a critical foundation for assessing authenticity, enabling trust, and allowing reproducibility. Provenance assertions are a form of contextual metadata and can themselves become important records with their own provenance. Provenance statement indicates clinical significance in terms of confidence in authenticity, reliability, and trustworthiness, integrity, and stage in lifecycle (e.g. Document Completion - has the artifact been legally authenticated), all of which may impact security, privacy, and trust policies. Comments Some parties may be duplicated between the target resource and its provenance. For instance, the prescriber is usually (but not always) the author of the prescription resource. This resource is defined with close consideration for W3C Provenance. Data type Provenance Constraints dom-2: If the resource is contained in another resource, it SHALL NOT contain nested Resources `contained.contained.empty()` dom-4: If a resource is contained in another resource, it SHALL NOT have a meta.versionId or a meta.lastUpdated `contained.meta.versionId.empty() and contained.meta.lastUpdated.empty()` dom-3: If the resource is contained in another resource, it SHALL be referred to from elsewhere in the resource or SHALL refer to the containing resource `contained.where(((id.exists() and ('#'+id in (%resource.descendants().reference \| %resource.descendants().as(canonical) \| %resource.descendants().as(uri) \| %resource.descendants().as(url)))) or descendants().where(reference = '#').exists() or descendants().where(as(canonical) = '#').exists() or descendants().where(as(uri) = '#').exists()).not()).trace('unmatched', id).empty()` dom-6: A resource should have narrative for robust management text.`div`.exists() dom-5: If a resource is contained in another resource, it SHALL NOT have a security label `contained.meta.security.empty()` Mappings rim: Entity. Role, or Act workflow: Event rim: ControlAct[isNormalAct() and subsumes(CACT, classCode) and moodCode=EVN] w3c.prov: Activity w5: infrastructure.information
id	Σ	0..1	id	There are no (further) constraints on this element Element id Provenance.id Short description Logical id of this artifact Definition The logical id of the resource, as used in the URL for the resource. Once assigned, this value never changes. Comments The only time that a resource does not have an id is when it is being submitted to the server using a create operation. Data type id
meta	Σ	0..1	Meta	There are no (further) constraints on this element Element id Provenance.meta Short description Metadata about the resource Definition The metadata about the resource. This is content that is maintained by the infrastructure. Changes to the content might not always be associated with version changes to the resource. Data type Meta Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` Mappings rim: n/a rim: N/A
implicitRules	Σ ?!	0..1	uri	There are no (further) constraints on this element Element id Provenance.implicitRules Short description A set of rules under which this content was created Definition A reference to a set of rules that were followed when the resource was constructed, and which must be understood when processing the content. Often, this is a reference to an implementation guide that defines the special rules along with other profiles etc. Comments Asserting this rule set restricts the content to be only understood by a limited set of trading partners. This inherently limits the usefulness of the data in the long term. However, the existing health eco-system is highly fractured, and not yet ready to define, collect, and exchange data in a generally computable sense. Wherever possible, implementers and/or specification writers should avoid using this element. Often, when used, the URL is a reference to an implementation guide that defines these special rules as part of it's narrative along with other profiles, value sets, etc. Data type uri Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` Mappings rim: n/a
language		0..1	codeBinding	There are no (further) constraints on this element Element id Provenance.language Short description Language of the resource content Definition The base language in which the resource is written. Comments Language is provided to support indexing and accessibility (typically, services such as text to speech use the language tag). The html language tag in the narrative applies to the narrative. The language tag on the resource may be used to specify the language of other presentations generated from the data in the resource. Not all the content has to be in the base language. The Resource.language should not be assumed to apply to the narrative automatically. If a language is specified, it should it also be specified on the div element in the html (see rules in HTML5 for information about the relationship between xml:lang and the html lang attribute). Data type code Binding IETF language tag CommonLanguages (preferred) Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` Mappings rim: n/a
text		0..1	Narrative	There are no (further) constraints on this element Element id Provenance.text Short description Text summary of the resource, for human interpretation Alternate names narrative, html, xhtml, display Definition A human-readable narrative that contains a summary of the resource and can be used to represent the content of the resource to a human. The narrative need not encode all the structured data, but is required to contain sufficient detail to make it "clinically safe" for a human to just read the narrative. Resource definitions may define what content should be represented in the narrative to ensure clinical safety. Comments Contained resources do not have narrative. Resources that are not contained SHOULD have a narrative. In some cases, a resource may only have text with little or no additional discrete data (as long as all minOccurs=1 elements are satisfied). This may be necessary for data from legacy systems where information is captured as a "text blob" or where text is additionally entered raw or narrated and encoded information is added later. Data type Narrative Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` Mappings rim: n/a rim: N/A rim: Act.text?
contained	I	0..*	Resource	There are no (further) constraints on this element Element id Provenance.contained Short description Contained, inline Resources Alternate names inline resources, anonymous resources, contained resources Definition These resources do not have an independent existence apart from the resource that contains them - they cannot be identified independently, and nor can they have their own independent transaction scope. Comments This should never be done when the content can be identified properly, as once identification is lost, it is extremely difficult (and context dependent) to restore it again. Contained resources may have profiles and tags In their meta elements, but SHALL NOT have security labels. Data type Resource Constraints dom-r4b: Containing new R4B resources within R4 resources may cause interoperability issues if instances are shared with R4 systems ($this is Citation or $this is Evidence or $this is EvidenceReport or $this is EvidenceVariable or $this is MedicinalProductDefinition or $this is PackagedProductDefinition or $this is AdministrableProductDefinition or $this is Ingredient or $this is ClinicalUseDefinition or $this is RegulatedAuthorization or $this is SubstanceDefinition or $this is SubscriptionStatus or $this is SubscriptionTopic) implies (%resource is Citation or %resource is Evidence or %resource is EvidenceReport or %resource is EvidenceVariable or %resource is MedicinalProductDefinition or %resource is PackagedProductDefinition or %resource is AdministrableProductDefinition or %resource is Ingredient or %resource is ClinicalUseDefinition or %resource is RegulatedAuthorization or %resource is SubstanceDefinition or %resource is SubscriptionStatus or %resource is SubscriptionTopic) Mappings rim: Entity. Role, or Act rim: N/A
extension	I	0..*	Extension	There are no (further) constraints on this element Element id Provenance.extension Short description Additional content defined by implementations Alternate names extensions, user content Definition May be used to represent additional information that is not part of the basic definition of the resource. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Comments There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone. Data type Extension Sliced: Unordered, Open, by url(Value) Extensions are always sliced by (at least) url Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` ext-1: Must have either extensions or value[x], not both `extension.exists() != value.exists()` Mappings rim: n/a rim: N/A
modifierExtension	?! I	0..*	Extension	There are no (further) constraints on this element Element id Provenance.modifierExtension Short description Extensions that cannot be ignored Alternate names extensions, user content Definition May be used to represent additional information that is not part of the basic definition of the resource and that modifies the understanding of the element that contains it and/or the understanding of the containing element's descendants. Usually modifier elements provide negation or qualification. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer is allowed to define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Applications processing a resource are required to check for modifier extensions. Modifier extensions SHALL NOT change the meaning of any elements on Resource or DomainResource (including cannot change the meaning of modifierExtension itself). Requirements Modifier extensions allow for extensions that cannot be safely ignored to be clearly distinguished from the vast majority of extensions which can be safely ignored. This promotes interoperability by eliminating the need for implementers to prohibit the presence of extensions. For further information, see the definition of modifier extensions. Comments There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone. Data type Extension Sliced: Unordered, Open, by url(Value) Extensions are always sliced by (at least) url Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` ext-1: Must have either extensions or value[x], not both `extension.exists() != value.exists()` Mappings rim: n/a rim: N/A
target	Σ I	1..*	Reference(Resource)	There are no (further) constraints on this element Element id Provenance.target Short description Target Reference(s) (usually version specific) Definition The Reference(s) that were generated or updated by the activity described in this resource. A provenance can point to more than one target if multiple resources were created/updated by the same activity. Comments Target references are usually version specific, but might not be, if a version has not been assigned or if the provenance information is part of the set of resources being maintained (i.e. a document). When using the RESTful API, the identity of the resource might not be known (especially not the version specific one); the client may either submit the resource first, and then the provenance, or it may submit both using a single transaction. See the notes on transaction for further discussion. Data type Reference(Resource) Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` ref-1: SHALL have a contained resource if a local reference is provided `reference.startsWith('#').not() or (reference.substring(1).trace('url') in %rootResource.contained.id.trace('ids')) or (reference='#' and %rootResource!=%resource)` Mappings rim: n/a rim: The target of a resource reference is a RIM entry point (Act, Role, or Entity) w5: FiveWs.what[x] rim: ./outboundRelationship[isNormalActRelationship() and typeCode=SUBJ]/target OR ./participation[isNormalParticipation() and typeCode=SBJ]/role OR ./participation[isNormalParticipation() and typeCode=SBJ]/role[isNormalRole()]/player fhirauditevent: AuditEvent.entity.reference w3c.prov: Entity Created/Updated
id		0..1	id	There are no (further) constraints on this element Element id Provenance.target.id Short description Unique id for inter-element referencing Definition Unique id for the element within a resource (for internal references). This may be any string value that does not contain spaces. Data type id Mappings rim: n/a
extension	I	0..*	Extension	There are no (further) constraints on this element Element id Provenance.target.extension Short description Additional content defined by implementations Alternate names extensions, user content Definition May be used to represent additional information that is not part of the basic definition of the element. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Comments There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone. Data type Extension Sliced: Unordered, Open, by url(Value) Extensions are always sliced by (at least) url Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` ext-1: Must have either extensions or value[x], not both `extension.exists() != value.exists()` Mappings rim: n/a rim: N/A
reference	Σ I	0..1	string	There are no (further) constraints on this element Element id Provenance.target.reference Short description Literal reference, Relative, internal or absolute URL Definition A reference to a location at which the other resource is found. The reference may be a relative reference, in which case it is relative to the service base URL, or an absolute URL that resolves to the location where the resource is found. The reference may be version specific or not. If the reference is not to a FHIR RESTful server, then it should be assumed to be version specific. Internal fragment references (start with '#') refer to contained resources. Comments Using absolute URLs provides a stable scalable approach suitable for a cloud/web context, while using relative/logical references provides a flexible approach suitable for use when trading across closed eco-system boundaries. Absolute URLs do not need to point to a FHIR RESTful server, though this is the preferred approach. If the URL conforms to the structure "/[type]/[id]" then it should be assumed that the reference is to a FHIR RESTful server. Data type string Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` Mappings rim: n/a rim: N/A
type	Σ	1..1	uriBinding	Element id Provenance.target.type Short description Type the reference refers to (e.g. "Patient") Definition The expected type of the target of the reference. If both Reference.type and Reference.reference are populated and Reference.reference is a FHIR URL, both SHALL be consistent. The type is the Canonical URL of Resource Definition that is the type this reference refers to. References are URLs that are relative to http://hl7.org/fhir/StructureDefinition/ e.g. "Patient" is a reference to http://hl7.org/fhir/StructureDefinition/Patient. Absolute URLs are only allowed for logical models (and can only be used in references in logical models, not resources). Comments This element is used to indicate the type of the target of the reference. This may be used which ever of the other elements are populated (or not). In some cases, the type of the target may be determined by inspection of the reference (e.g. a RESTful URL) or by resolving the target of the reference; if both the type and a reference is provided, the reference SHALL resolve to a resource of the same type as that specified. Data type uri Binding ResourceType (required) Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` Mappings rim: n/a rim: N/A
identifier	Σ	0..0	Identifier	There are no (further) constraints on this element Element id Provenance.target.identifier Short description Logical reference, when literal reference is not known Definition An identifier for the target resource. This is used when there is no way to reference the other resource directly, either because the entity it represents is not available through a FHIR server, or because there is no way for the author of the resource to convert a known identifier to an actual location. There is no requirement that a Reference.identifier point to something that is actually exposed as a FHIR instance, but it SHALL point to a business concept that would be expected to be exposed as a FHIR instance, and that instance would need to be of a FHIR resource type allowed by the reference. Comments When an identifier is provided in place of a reference, any system processing the reference will only be able to resolve the identifier to a reference if it understands the business context in which the identifier is used. Sometimes this is global (e.g. a national identifier) but often it is not. For this reason, none of the useful mechanisms described for working with references (e.g. chaining, includes) are possible, nor should servers be expected to be able resolve the reference. Servers may accept an identifier based reference untouched, resolve it, and/or reject it - see CapabilityStatement.rest.resource.referencePolicy. When both an identifier and a literal reference are provided, the literal reference is preferred. Applications processing the resource are allowed - but not required - to check that the identifier matches the literal reference Applications converting a logical reference to a literal reference may choose to leave the logical reference present, or remove it. Reference is intended to point to a structure that can potentially be expressed as a FHIR resource, though there is no need for it to exist as an actual FHIR resource instance - except in as much as an application wishes to actual find the target of the reference. The content referred to be the identifier must meet the logical constraints implied by any limitations on what resource types are permitted for the reference. For example, it would not be legitimate to send the identifier for a drug prescription if the type were Reference(Observation\|DiagnosticReport). One of the use-cases for Reference.identifier is the situation where no FHIR representation exists (where the type is Reference (Any). Data type Identifier Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` Mappings rim: n/a v2: CX / EI (occasionally, more often EI maps to a resource id or a URL) rim: II - The Identifier class is a little looser than the v3 type II because it allows URIs as well as registered OIDs or GUIDs. Also maps to Role[classCode=IDENT] servd: Identifier rim: .identifier
display	Σ	0..0	string	There are no (further) constraints on this element Element id Provenance.target.display Short description Text alternative for the resource Definition Plain text narrative that identifies the resource in addition to the resource reference. Comments This is generally not the same as the Resource.text of the referenced resource. The purpose is to identify what's being referenced, not to fully describe it. Data type string Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` Mappings rim: n/a rim: N/A
occurred[x]		0..0		There are no (further) constraints on this element Element id Provenance.occurred[x] Short description When the activity occurred Definition The period during which the activity occurred. Comments The period can be a little arbitrary; where possible, the time should correspond to human assessment of the activity time. Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` Mappings rim: n/a workflow: Event.occurred[x] w5: FiveWs.done[x] rim: ./effectiveTime[type=IVL_TS] w3c.prov: Activity.startTime & Activity.endTime
recorded	Σ	1..1	instant	There are no (further) constraints on this element Element id Provenance.recorded Short description When the activity was recorded / updated Definition The instant of time at which the activity was recorded. Comments This can be a little different from the time stamp on the resource if there is a delay between recording the event and updating the provenance and target resource. Data type instant Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` Mappings rim: n/a w5: FiveWs.recorded rim: unique(./participation[isNormalParticipation() and typeCode=AUT]/time[type=TS]) fhirauditevent: AuditEvent.recorded w3c.prov: Activity.when
policy		0..0	uri	There are no (further) constraints on this element Element id Provenance.policy Short description Policy or plan the activity was defined by Definition Policy or plan the activity was defined by. Typically, a single activity may have multiple applicable policy documents, such as patient consent, guarantor funding, etc. Comments For example: Where an OAuth token authorizes, the unique identifier from the OAuth token is placed into the policy element Where a policy engine (e.g. XACML) holds policy logic, the unique policy identifier is placed into the policy element. Data type uri Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` Mappings rim: n/a rim: ./inboundRelationship[isNormalActRelationship() and typeCode="SUBJ"]/source[isNormalAct and subsumes(POLICY, classCode) and moodCode=EVN]/text[typeCode='ED'/tel fhirauditevent: AuditEvent.agent.policy
location	I	0..0	Reference(Location)	There are no (further) constraints on this element Element id Provenance.location Short description Where the activity occurred, if relevant Definition Where the activity occurred, if relevant. Comments References SHALL be a reference to an actual FHIR resource, and SHALL be resolveable (allowing for access control, temporary unavailability, etc.). Resolution can be either by retrieval from the URL, or, where applicable by resource type, by treating an absolute reference as a canonical URL and looking it up in a local registry/repository. Data type Reference(Location) Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` ref-1: SHALL have a contained resource if a local reference is provided `reference.startsWith('#').not() or (reference.substring(1).trace('url') in %rootResource.contained.id.trace('ids')) or (reference='#' and %rootResource!=%resource)` Mappings rim: n/a rim: The target of a resource reference is a RIM entry point (Act, Role, or Entity) workflow: Event.location w5: FiveWs.where[x] rim: unique(./participation[isNormalParticipation() and typeCode=LOC]/role[isNormalRole() and subsumes(SDLOC, classCode)]/player[isNormalEntity and classCode="LOC" and determinerCode="INST"] fhirauditevent: AuditEvent.agent.location w3c.prov: Activity.location
reason		0..0	CodeableConceptBinding	There are no (further) constraints on this element Element id Provenance.reason Short description Reason the activity is occurring Definition The reason that the activity was taking place. Comments Not all terminology uses fit this general pattern. In some cases, models should not use CodeableConcept and use Coding directly and provide their own structure for managing text, codings, translations and the relationship between elements and pre- and post-coordination. Data type CodeableConcept Binding The reason the activity took place. http://terminology.hl7.org/ValueSet/v3-PurposeOfUse (extensible) Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` Mappings rim: n/a v2: CE/CNE/CWE rim: CD orim: fhir:CodeableConcept rdfs:subClassOf dt:CD workflow: Event.reasonCode w5: FiveWs.why[x] rim: unique(./reasonCode) fhirauditevent: AuditEvent.purposeOfEvent w3c.prov: Activity.Activity
activity		1..1	CodeableConceptBinding	Element id Provenance.activity Short description Activity that occurred Definition An activity is something that occurs over a period of time and acts upon or with entities; it may include consuming, processing, transforming, modifying, relocating, using, or generating entities. Comments Not all terminology uses fit this general pattern. In some cases, models should not use CodeableConcept and use Coding directly and provide their own structure for managing text, codings, translations and the relationship between elements and pre- and post-coordination. Data type CodeableConcept Binding The activity that took place. ProvenanceActivityType (required) Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` Mappings rim: n/a v2: CE/CNE/CWE rim: CD orim: fhir:CodeableConcept rdfs:subClassOf dt:CD workflow: Event.code w5: FiveWs.why[x] rim: Act.code w3c.prov: Activity.Activity
id		0..1	id	There are no (further) constraints on this element Element id Provenance.activity.id Short description Unique id for inter-element referencing Definition Unique id for the element within a resource (for internal references). This may be any string value that does not contain spaces. Data type id Mappings rim: n/a
extension	I	0..*	Extension	There are no (further) constraints on this element Element id Provenance.activity.extension Short description Additional content defined by implementations Alternate names extensions, user content Definition May be used to represent additional information that is not part of the basic definition of the element. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Comments There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone. Data type Extension Sliced: Unordered, Open, by url(Value) Extensions are always sliced by (at least) url Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` ext-1: Must have either extensions or value[x], not both `extension.exists() != value.exists()` Mappings rim: n/a rim: N/A
coding	Σ	1..1	Coding	There are no (further) constraints on this element Element id Provenance.activity.coding Short description Code defined by a terminology system Definition A reference to a code defined by a terminology system. Requirements Allows for alternative encodings within a code system, and translations to other code systems. Comments Codes may be defined very casually in enumerations, or code lists, up to very formal definitions such as SNOMED CT - see the HL7 v3 Core Principles for more information. Ordering of codings is undefined and SHALL NOT be used to infer meaning. Generally, at most only one of the coding values will be labeled as UserSelected = true. Data type Coding Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` Mappings rim: n/a v2: CE/CNE/CWE subset one of the sets of component 1-3 or 4-6 rim: CV orim: fhir:Coding rdfs:subClassOf dt:CDCoding v2: CE.1-8, CE.10-22 rim: union(., ./translation) orim: fhir:CodeableConcept.coding rdfs:subPropertyOf dt:CD.coding
id		0..1	id	There are no (further) constraints on this element Element id Provenance.activity.coding.id Short description Unique id for inter-element referencing Definition Unique id for the element within a resource (for internal references). This may be any string value that does not contain spaces. Data type id Mappings rim: n/a
extension	I	0..*	Extension	There are no (further) constraints on this element Element id Provenance.activity.coding.extension Short description Additional content defined by implementations Alternate names extensions, user content Definition May be used to represent additional information that is not part of the basic definition of the element. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Comments There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone. Data type Extension Sliced: Unordered, Open, by url(Value) Extensions are always sliced by (at least) url Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` ext-1: Must have either extensions or value[x], not both `extension.exists() != value.exists()` Mappings rim: n/a rim: N/A
system	Σ	1..1	uriFixed Value	Element id Provenance.activity.coding.system Short description Identity of the terminology system Definition The identification of the code system that defines the meaning of the symbol in the code. Requirements Need to be unambiguous about the source of the definition of the symbol. Comments The URI may be an OID (urn:oid:...) or a UUID (urn:uuid:...). OIDs and UUIDs SHALL be references to the HL7 OID registry. Otherwise, the URI should come from HL7's list of FHIR defined special URIs or it should reference to some definition that establishes the system clearly and unambiguously. Data type uri Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` Fixed value http://terminology.hl7.org/CodeSystem/v3-DocumentCompletion Mappings rim: n/a v2: CE.3 rim:* ./codeSystem orim: fhir:Coding.system rdfs:subPropertyOf dt:CDCoding.codeSystem
version	Σ	0..0	string	There are no (further) constraints on this element Element id Provenance.activity.coding.version Short description Version of the system - if relevant Definition The version of the code system which was used when choosing this code. Note that a well-maintained code system does not need the version reported, because the meaning of codes is consistent across versions. However this cannot consistently be assured, and when the meaning is not guaranteed to be consistent, the version SHOULD be exchanged. Comments Where the terminology does not clearly define what string should be used to identify code system versions, the recommendation is to use the date (expressed in FHIR date format) on which that version was officially published as the version date. Data type string Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` Mappings rim: n/a v2: CE.7 rim:* ./codeSystemVersion orim: fhir:Coding.version rdfs:subPropertyOf dt:CDCoding.codeSystemVersion
code	Σ	1..1	codeFixed Value	Element id Provenance.activity.coding.code Short description Symbol in syntax defined by the system Definition A symbol in syntax defined by the system. The symbol may be a predefined code or an expression in a syntax defined by the coding system (e.g. post-coordination). Requirements Need to refer to a particular code in the system. Comments Note that FHIR strings SHALL NOT exceed 1MB in size Data type code Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` Fixed value LA Mappings rim: n/a v2: CE.1 rim:* ./code orim: fhir:Coding.code rdfs:subPropertyOf dt:CDCoding.code
display	Σ	1..1	stringFixed Value	Element id Provenance.activity.coding.display Short description Representation defined by the system Definition A representation of the meaning of the code in the system, following the rules of the system. Requirements Need to be able to carry a human-readable meaning of the code for readers that do not know the system. Comments Note that FHIR strings SHALL NOT exceed 1MB in size Data type string Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` Fixed value legally authenticated Mappings rim: n/a v2: CE.2 - but note this is not well followed rim:* CV.displayName orim: fhir:Coding.display rdfs:subPropertyOf dt:CDCoding.displayName
userSelected	Σ	0..0	boolean	There are no (further) constraints on this element Element id Provenance.activity.coding.userSelected Short description If this coding was chosen directly by the user Definition Indicates that this coding was chosen by a user directly - e.g. off a pick list of available items (codes or displays). Requirements This has been identified as a clinical safety criterium - that this exact system/code pair was chosen explicitly, rather than inferred by the system based on some rules or language processing. Comments Amongst a set of alternatives, a directly chosen code is the most appropriate starting point for new translations. There is some ambiguity about what exactly 'directly chosen' implies, and trading partner agreement may be needed to clarify the use of this element and its consequences more completely. Data type boolean Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` Mappings rim: n/a v2: Sometimes implied by being first rim: CD.codingRationale orim: fhir:Coding.userSelected fhir:mapsTo dt:CDCoding.codingRationale. fhir:Coding.userSelected fhir:hasMap fhir:Coding.userSelected.map. fhir:Coding.userSelected.map a fhir:Map; fhir:target dt:CDCoding.codingRationale. fhir:Coding.userSelected\#true a [ fhir:source "true"; fhir:target dt:CDCoding.codingRationale\#O ]
text	Σ	0..0	string	There are no (further) constraints on this element Element id Provenance.activity.text Short description Plain text representation of the concept Definition A human language representation of the concept as seen/selected/uttered by the user who entered the data and/or which represents the intended meaning of the user. Requirements The codes from the terminologies do not always capture the correct meaning with all the nuances of the human using them, or sometimes there is no appropriate code at all. In these cases, the text is used to capture the full meaning of the source. Comments Very often the text is the same as a displayName of one of the codings. Data type string Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` Mappings rim: n/a v2: CE.9. But note many systems use CE.2 for this rim: ./originalText[mediaType/code="text/plain"]/data orim: fhir:CodeableConcept.text rdfs:subPropertyOf dt:CD.originalText
agent		1..1	BackboneElement	There are no (further) constraints on this element Element id Provenance.agent Short description Actor involved Definition An actor taking a role in an activity for which it can be assigned some degree of responsibility for the activity taking place. Requirements An agent can be a person, an organization, software, device, or other entities that may be ascribed responsibility. Comments Several agents may be associated (i.e. has some responsibility for an activity) with an activity and vice-versa. Data type BackboneElement Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` Mappings rim: n/a workflow: Event.performer w5: FiveWs.who rim: ./participation[isNormalParticipation()] OR ./outboundRelationship[isNormalActRelationship() and typeCode='DRIV'] fhirauditevent: AuditEvent.agent w3c.prov: Agent
id		0..1	id	There are no (further) constraints on this element Element id Provenance.agent.id Short description Unique id for inter-element referencing Definition Unique id for the element within a resource (for internal references). This may be any string value that does not contain spaces. Data type id Mappings rim: n/a
extension	I	0..*	Extension	There are no (further) constraints on this element Element id Provenance.agent.extension Short description Additional content defined by implementations Alternate names extensions, user content Definition May be used to represent additional information that is not part of the basic definition of the element. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Comments There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone. Data type Extension Sliced: Unordered, Open, by url(Value) Extensions are always sliced by (at least) url Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` ext-1: Must have either extensions or value[x], not both `extension.exists() != value.exists()` Mappings rim: n/a rim: N/A
modifierExtension	Σ ?! I	0..*	Extension	There are no (further) constraints on this element Element id Provenance.agent.modifierExtension Short description Extensions that cannot be ignored even if unrecognized Alternate names extensions, user content, modifiers Definition May be used to represent additional information that is not part of the basic definition of the element and that modifies the understanding of the element in which it is contained and/or the understanding of the containing element's descendants. Usually modifier elements provide negation or qualification. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Applications processing a resource are required to check for modifier extensions. Modifier extensions SHALL NOT change the meaning of any elements on Resource or DomainResource (including cannot change the meaning of modifierExtension itself). Requirements Modifier extensions allow for extensions that cannot be safely ignored to be clearly distinguished from the vast majority of extensions which can be safely ignored. This promotes interoperability by eliminating the need for implementers to prohibit the presence of extensions. For further information, see the definition of modifier extensions. Comments There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone. Data type Extension Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` ext-1: Must have either extensions or value[x], not both `extension.exists() != value.exists()` Mappings rim: n/a rim: N/A
type	Σ	1..1	CodeableConceptBinding	Element id Provenance.agent.type Short description How the agent participated Definition The participation the agent had with respect to the activity. Comments For example: author, performer, enterer, attester, etc. Data type CodeableConcept Binding The type of participation that a provenance agent played with respect to the activity. ProvenanceParticipantType (required) Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` Mappings rim: n/a v2: CE/CNE/CWE rim: CD orim: fhir:CodeableConcept rdfs:subClassOf dt:CD workflow: Event.performer.function rim: .role fhirauditevent: AuditEvent.agent.type w3c.prov: Agent.Attribution
id		0..1	id	There are no (further) constraints on this element Element id Provenance.agent.type.id Short description Unique id for inter-element referencing Definition Unique id for the element within a resource (for internal references). This may be any string value that does not contain spaces. Data type id Mappings rim: n/a
extension	I	0..*	Extension	There are no (further) constraints on this element Element id Provenance.agent.type.extension Short description Additional content defined by implementations Alternate names extensions, user content Definition May be used to represent additional information that is not part of the basic definition of the element. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Comments There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone. Data type Extension Sliced: Unordered, Open, by url(Value) Extensions are always sliced by (at least) url Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` ext-1: Must have either extensions or value[x], not both `extension.exists() != value.exists()` Mappings rim: n/a rim: N/A
coding	Σ	1..1	Coding	There are no (further) constraints on this element Element id Provenance.agent.type.coding Short description Code defined by a terminology system Definition A reference to a code defined by a terminology system. Requirements Allows for alternative encodings within a code system, and translations to other code systems. Comments Codes may be defined very casually in enumerations, or code lists, up to very formal definitions such as SNOMED CT - see the HL7 v3 Core Principles for more information. Ordering of codings is undefined and SHALL NOT be used to infer meaning. Generally, at most only one of the coding values will be labeled as UserSelected = true. Data type Coding Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` Mappings rim: n/a v2: CE/CNE/CWE subset one of the sets of component 1-3 or 4-6 rim: CV orim: fhir:Coding rdfs:subClassOf dt:CDCoding v2: CE.1-8, CE.10-22 rim: union(., ./translation) orim: fhir:CodeableConcept.coding rdfs:subPropertyOf dt:CD.coding
id		0..1	id	There are no (further) constraints on this element Element id Provenance.agent.type.coding.id Short description Unique id for inter-element referencing Definition Unique id for the element within a resource (for internal references). This may be any string value that does not contain spaces. Data type id Mappings rim: n/a
extension	I	0..*	Extension	There are no (further) constraints on this element Element id Provenance.agent.type.coding.extension Short description Additional content defined by implementations Alternate names extensions, user content Definition May be used to represent additional information that is not part of the basic definition of the element. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Comments There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone. Data type Extension Sliced: Unordered, Open, by url(Value) Extensions are always sliced by (at least) url Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` ext-1: Must have either extensions or value[x], not both `extension.exists() != value.exists()` Mappings rim: n/a rim: N/A
system	Σ	1..1	uriFixed Value	Element id Provenance.agent.type.coding.system Short description Identity of the terminology system Definition The identification of the code system that defines the meaning of the symbol in the code. Requirements Need to be unambiguous about the source of the definition of the symbol. Comments The URI may be an OID (urn:oid:...) or a UUID (urn:uuid:...). OIDs and UUIDs SHALL be references to the HL7 OID registry. Otherwise, the URI should come from HL7's list of FHIR defined special URIs or it should reference to some definition that establishes the system clearly and unambiguously. Data type uri Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` Fixed value http://terminology.hl7.org/CodeSystem/provenance-participant-type Mappings rim: n/a v2: CE.3 rim:* ./codeSystem orim: fhir:Coding.system rdfs:subPropertyOf dt:CDCoding.codeSystem
version	Σ	0..0	string	There are no (further) constraints on this element Element id Provenance.agent.type.coding.version Short description Version of the system - if relevant Definition The version of the code system which was used when choosing this code. Note that a well-maintained code system does not need the version reported, because the meaning of codes is consistent across versions. However this cannot consistently be assured, and when the meaning is not guaranteed to be consistent, the version SHOULD be exchanged. Comments Where the terminology does not clearly define what string should be used to identify code system versions, the recommendation is to use the date (expressed in FHIR date format) on which that version was officially published as the version date. Data type string Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` Mappings rim: n/a v2: CE.7 rim:* ./codeSystemVersion orim: fhir:Coding.version rdfs:subPropertyOf dt:CDCoding.codeSystemVersion
code	Σ	1..1	codeFixed Value	Element id Provenance.agent.type.coding.code Short description Symbol in syntax defined by the system Definition A symbol in syntax defined by the system. The symbol may be a predefined code or an expression in a syntax defined by the coding system (e.g. post-coordination). Requirements Need to refer to a particular code in the system. Comments Note that FHIR strings SHALL NOT exceed 1MB in size Data type code Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` Fixed value author Mappings rim: n/a v2: CE.1 rim:* ./code orim: fhir:Coding.code rdfs:subPropertyOf dt:CDCoding.code
display	Σ	1..1	stringFixed Value	Element id Provenance.agent.type.coding.display Short description Representation defined by the system Definition A representation of the meaning of the code in the system, following the rules of the system. Requirements Need to be able to carry a human-readable meaning of the code for readers that do not know the system. Comments Note that FHIR strings SHALL NOT exceed 1MB in size Data type string Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` Fixed value Author Mappings rim: n/a v2: CE.2 - but note this is not well followed rim:* CV.displayName orim: fhir:Coding.display rdfs:subPropertyOf dt:CDCoding.displayName
userSelected	Σ	0..0	boolean	There are no (further) constraints on this element Element id Provenance.agent.type.coding.userSelected Short description If this coding was chosen directly by the user Definition Indicates that this coding was chosen by a user directly - e.g. off a pick list of available items (codes or displays). Requirements This has been identified as a clinical safety criterium - that this exact system/code pair was chosen explicitly, rather than inferred by the system based on some rules or language processing. Comments Amongst a set of alternatives, a directly chosen code is the most appropriate starting point for new translations. There is some ambiguity about what exactly 'directly chosen' implies, and trading partner agreement may be needed to clarify the use of this element and its consequences more completely. Data type boolean Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` Mappings rim: n/a v2: Sometimes implied by being first rim: CD.codingRationale orim: fhir:Coding.userSelected fhir:mapsTo dt:CDCoding.codingRationale. fhir:Coding.userSelected fhir:hasMap fhir:Coding.userSelected.map. fhir:Coding.userSelected.map a fhir:Map; fhir:target dt:CDCoding.codingRationale. fhir:Coding.userSelected\#true a [ fhir:source "true"; fhir:target dt:CDCoding.codingRationale\#O ]
text	Σ	0..0	string	There are no (further) constraints on this element Element id Provenance.agent.type.text Short description Plain text representation of the concept Definition A human language representation of the concept as seen/selected/uttered by the user who entered the data and/or which represents the intended meaning of the user. Requirements The codes from the terminologies do not always capture the correct meaning with all the nuances of the human using them, or sometimes there is no appropriate code at all. In these cases, the text is used to capture the full meaning of the source. Comments Very often the text is the same as a displayName of one of the codings. Data type string Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` Mappings rim: n/a v2: CE.9. But note many systems use CE.2 for this rim: ./originalText[mediaType/code="text/plain"]/data orim: fhir:CodeableConcept.text rdfs:subPropertyOf dt:CD.originalText
role		0..0	CodeableConcept	There are no (further) constraints on this element Element id Provenance.agent.role Short description What the agents role was Definition The function of the agent with respect to the activity. The security role enabling the agent with respect to the activity. Comments For example: doctor, nurse, clerk, etc. Data type CodeableConcept Binding The role that a provenance agent played with respect to the activity. SecurityRoleType (example) Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` Mappings rim: n/a v2: CE/CNE/CWE rim: CD orim: fhir:CodeableConcept rdfs:subClassOf dt:CD rim: .typecode fhirauditevent: AuditEvent.agent.role
who	Σ I	1..1	Reference(Organization)	Element id Provenance.agent.who Short description Who participated Definition The individual, device or organization that participated in the event. Comments whoIdentity should be used when the agent is not a Resource type. Data type Reference(Organization) Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` ref-1: SHALL have a contained resource if a local reference is provided `reference.startsWith('#').not() or (reference.substring(1).trace('url') in %rootResource.contained.id.trace('ids')) or (reference='#' and %rootResource!=%resource)` Mappings rim: n/a rim: The target of a resource reference is a RIM entry point (Act, Role, or Entity) workflow: Event.performer.actor w5: FiveWs.actor rim: .id
id		0..1	id	There are no (further) constraints on this element Element id Provenance.agent.who.id Short description Unique id for inter-element referencing Definition Unique id for the element within a resource (for internal references). This may be any string value that does not contain spaces. Data type id Mappings rim: n/a
extension	I	0..*	Extension	There are no (further) constraints on this element Element id Provenance.agent.who.extension Short description Additional content defined by implementations Alternate names extensions, user content Definition May be used to represent additional information that is not part of the basic definition of the element. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Comments There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone. Data type Extension Sliced: Unordered, Open, by url(Value) Extensions are always sliced by (at least) url Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` ext-1: Must have either extensions or value[x], not both `extension.exists() != value.exists()` Mappings rim: n/a rim: N/A
reference	Σ I	1..1	string	There are no (further) constraints on this element Element id Provenance.agent.who.reference Short description Literal reference, Relative, internal or absolute URL Definition A reference to a location at which the other resource is found. The reference may be a relative reference, in which case it is relative to the service base URL, or an absolute URL that resolves to the location where the resource is found. The reference may be version specific or not. If the reference is not to a FHIR RESTful server, then it should be assumed to be version specific. Internal fragment references (start with '#') refer to contained resources. Comments Using absolute URLs provides a stable scalable approach suitable for a cloud/web context, while using relative/logical references provides a flexible approach suitable for use when trading across closed eco-system boundaries. Absolute URLs do not need to point to a FHIR RESTful server, though this is the preferred approach. If the URL conforms to the structure "/[type]/[id]" then it should be assumed that the reference is to a FHIR RESTful server. Data type string Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` Mappings rim: n/a rim: N/A
type	Σ	0..0	uriBinding	There are no (further) constraints on this element Element id Provenance.agent.who.type Short description Type the reference refers to (e.g. "Patient") Definition The expected type of the target of the reference. If both Reference.type and Reference.reference are populated and Reference.reference is a FHIR URL, both SHALL be consistent. The type is the Canonical URL of Resource Definition that is the type this reference refers to. References are URLs that are relative to http://hl7.org/fhir/StructureDefinition/ e.g. "Patient" is a reference to http://hl7.org/fhir/StructureDefinition/Patient. Absolute URLs are only allowed for logical models (and can only be used in references in logical models, not resources). Comments This element is used to indicate the type of the target of the reference. This may be used which ever of the other elements are populated (or not). In some cases, the type of the target may be determined by inspection of the reference (e.g. a RESTful URL) or by resolving the target of the reference; if both the type and a reference is provided, the reference SHALL resolve to a resource of the same type as that specified. Data type uri Binding ResourceType (extensible) Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` Mappings rim: n/a rim: N/A
identifier	Σ	0..0	Identifier	There are no (further) constraints on this element Element id Provenance.agent.who.identifier Short description Logical reference, when literal reference is not known Definition An identifier for the target resource. This is used when there is no way to reference the other resource directly, either because the entity it represents is not available through a FHIR server, or because there is no way for the author of the resource to convert a known identifier to an actual location. There is no requirement that a Reference.identifier point to something that is actually exposed as a FHIR instance, but it SHALL point to a business concept that would be expected to be exposed as a FHIR instance, and that instance would need to be of a FHIR resource type allowed by the reference. Comments When an identifier is provided in place of a reference, any system processing the reference will only be able to resolve the identifier to a reference if it understands the business context in which the identifier is used. Sometimes this is global (e.g. a national identifier) but often it is not. For this reason, none of the useful mechanisms described for working with references (e.g. chaining, includes) are possible, nor should servers be expected to be able resolve the reference. Servers may accept an identifier based reference untouched, resolve it, and/or reject it - see CapabilityStatement.rest.resource.referencePolicy. When both an identifier and a literal reference are provided, the literal reference is preferred. Applications processing the resource are allowed - but not required - to check that the identifier matches the literal reference Applications converting a logical reference to a literal reference may choose to leave the logical reference present, or remove it. Reference is intended to point to a structure that can potentially be expressed as a FHIR resource, though there is no need for it to exist as an actual FHIR resource instance - except in as much as an application wishes to actual find the target of the reference. The content referred to be the identifier must meet the logical constraints implied by any limitations on what resource types are permitted for the reference. For example, it would not be legitimate to send the identifier for a drug prescription if the type were Reference(Observation\|DiagnosticReport). One of the use-cases for Reference.identifier is the situation where no FHIR representation exists (where the type is Reference (Any). Data type Identifier Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` Mappings rim: n/a v2: CX / EI (occasionally, more often EI maps to a resource id or a URL) rim: II - The Identifier class is a little looser than the v3 type II because it allows URIs as well as registered OIDs or GUIDs. Also maps to Role[classCode=IDENT] servd: Identifier rim: .identifier
display	Σ	0..0	string	There are no (further) constraints on this element Element id Provenance.agent.who.display Short description Text alternative for the resource Definition Plain text narrative that identifies the resource in addition to the resource reference. Comments This is generally not the same as the Resource.text of the referenced resource. The purpose is to identify what's being referenced, not to fully describe it. Data type string Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` Mappings rim: n/a rim: N/A
onBehalfOf	I	0..1	Reference(PractitionerRole \| Organization \| Patient \| Practitioner)	Element id Provenance.agent.onBehalfOf Short description Who the agent is representing Definition The individual, device, or organization for whom the change was made. Comments onBehalfOfIdentity should be used when the agent is not a Resource type. Data type Reference(PractitionerRole \| Organization \| Patient \| Practitioner) Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` ref-1: SHALL have a contained resource if a local reference is provided `reference.startsWith('#').not() or (reference.substring(1).trace('url') in %rootResource.contained.id.trace('ids')) or (reference='#' and %rootResource!=%resource)` obo-con-2: Reference should be either PractitionerRole or Organization `reference.startsWith('PractitionerRole/') or reference.startsWith('Organization/') or reference.startsWith('Patient/') or reference.startsWith('Practitioner/')` Mappings rim: n/a rim: The target of a resource reference is a RIM entry point (Act, Role, or Entity) rim: Person, Practitioner, Organization, Device :* .role [classCode = RoleClassMutualRelationship; role.code and * .scopes[Role](classCode=IDENT) and *.plays [Role.Code]
id		0..1	id	There are no (further) constraints on this element Element id Provenance.agent.onBehalfOf.id Short description Unique id for inter-element referencing Definition Unique id for the element within a resource (for internal references). This may be any string value that does not contain spaces. Data type id Mappings rim: n/a
extension	I	0..*	Extension	There are no (further) constraints on this element Element id Provenance.agent.onBehalfOf.extension Short description Additional content defined by implementations Alternate names extensions, user content Definition May be used to represent additional information that is not part of the basic definition of the element. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Comments There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone. Data type Extension Sliced: Unordered, Open, by url(Value) Extensions are always sliced by (at least) url Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` ext-1: Must have either extensions or value[x], not both `extension.exists() != value.exists()` Mappings rim: n/a rim: N/A
reference	Σ I	1..1	string	There are no (further) constraints on this element Element id Provenance.agent.onBehalfOf.reference Short description Literal reference, Relative, internal or absolute URL Definition A reference to a location at which the other resource is found. The reference may be a relative reference, in which case it is relative to the service base URL, or an absolute URL that resolves to the location where the resource is found. The reference may be version specific or not. If the reference is not to a FHIR RESTful server, then it should be assumed to be version specific. Internal fragment references (start with '#') refer to contained resources. Comments Using absolute URLs provides a stable scalable approach suitable for a cloud/web context, while using relative/logical references provides a flexible approach suitable for use when trading across closed eco-system boundaries. Absolute URLs do not need to point to a FHIR RESTful server, though this is the preferred approach. If the URL conforms to the structure "/[type]/[id]" then it should be assumed that the reference is to a FHIR RESTful server. Data type string Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` Mappings rim: n/a rim: N/A
type	Σ	0..0	uriBinding	There are no (further) constraints on this element Element id Provenance.agent.onBehalfOf.type Short description Type the reference refers to (e.g. "Patient") Definition The expected type of the target of the reference. If both Reference.type and Reference.reference are populated and Reference.reference is a FHIR URL, both SHALL be consistent. The type is the Canonical URL of Resource Definition that is the type this reference refers to. References are URLs that are relative to http://hl7.org/fhir/StructureDefinition/ e.g. "Patient" is a reference to http://hl7.org/fhir/StructureDefinition/Patient. Absolute URLs are only allowed for logical models (and can only be used in references in logical models, not resources). Comments This element is used to indicate the type of the target of the reference. This may be used which ever of the other elements are populated (or not). In some cases, the type of the target may be determined by inspection of the reference (e.g. a RESTful URL) or by resolving the target of the reference; if both the type and a reference is provided, the reference SHALL resolve to a resource of the same type as that specified. Data type uri Binding ResourceType (extensible) Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` Mappings rim: n/a rim: N/A
identifier	Σ	0..0	Identifier	There are no (further) constraints on this element Element id Provenance.agent.onBehalfOf.identifier Short description Logical reference, when literal reference is not known Definition An identifier for the target resource. This is used when there is no way to reference the other resource directly, either because the entity it represents is not available through a FHIR server, or because there is no way for the author of the resource to convert a known identifier to an actual location. There is no requirement that a Reference.identifier point to something that is actually exposed as a FHIR instance, but it SHALL point to a business concept that would be expected to be exposed as a FHIR instance, and that instance would need to be of a FHIR resource type allowed by the reference. Comments When an identifier is provided in place of a reference, any system processing the reference will only be able to resolve the identifier to a reference if it understands the business context in which the identifier is used. Sometimes this is global (e.g. a national identifier) but often it is not. For this reason, none of the useful mechanisms described for working with references (e.g. chaining, includes) are possible, nor should servers be expected to be able resolve the reference. Servers may accept an identifier based reference untouched, resolve it, and/or reject it - see CapabilityStatement.rest.resource.referencePolicy. When both an identifier and a literal reference are provided, the literal reference is preferred. Applications processing the resource are allowed - but not required - to check that the identifier matches the literal reference Applications converting a logical reference to a literal reference may choose to leave the logical reference present, or remove it. Reference is intended to point to a structure that can potentially be expressed as a FHIR resource, though there is no need for it to exist as an actual FHIR resource instance - except in as much as an application wishes to actual find the target of the reference. The content referred to be the identifier must meet the logical constraints implied by any limitations on what resource types are permitted for the reference. For example, it would not be legitimate to send the identifier for a drug prescription if the type were Reference(Observation\|DiagnosticReport). One of the use-cases for Reference.identifier is the situation where no FHIR representation exists (where the type is Reference (Any). Data type Identifier Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` Mappings rim: n/a v2: CX / EI (occasionally, more often EI maps to a resource id or a URL) rim: II - The Identifier class is a little looser than the v3 type II because it allows URIs as well as registered OIDs or GUIDs. Also maps to Role[classCode=IDENT] servd: Identifier rim: .identifier
display	Σ	0..0	string	There are no (further) constraints on this element Element id Provenance.agent.onBehalfOf.display Short description Text alternative for the resource Definition Plain text narrative that identifies the resource in addition to the resource reference. Comments This is generally not the same as the Resource.text of the referenced resource. The purpose is to identify what's being referenced, not to fully describe it. Data type string Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` Mappings rim: n/a rim: N/A
entity		0..0	BackboneElement	There are no (further) constraints on this element Element id Provenance.entity Short description An entity used in this activity Definition An entity used in this activity. Data type BackboneElement Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` Mappings rim: n/a rim: ./subjectOf fhirauditevent: AuditEvent.entity w3c.prov: Entity
signature		1..1	Signature	There are no (further) constraints on this element Element id Provenance.signature Short description Signature on target Definition A digital signature on the target Reference(s). The signer should match a Provenance.agent. The purpose of the signature is indicated. Comments The elements of the Signature Resource are for ease of access of these elements. For digital signatures (Xml DigSig, JWS), the non-repudiation proof comes from the Signature validation, which includes validation of the referenced objects (e.g. Resources) (a.k.a., Content) in the XML-Signature Detached form. Data type Signature Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` Mappings rim: n/a rim: N/A rim: ./signatureText
id		0..1	id	There are no (further) constraints on this element Element id Provenance.signature.id Short description Unique id for inter-element referencing Definition Unique id for the element within a resource (for internal references). This may be any string value that does not contain spaces. Data type id Mappings rim: n/a
extension	I	0..*	Extension	There are no (further) constraints on this element Element id Provenance.signature.extension Short description Additional content defined by implementations Alternate names extensions, user content Definition May be used to represent additional information that is not part of the basic definition of the element. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Comments There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone. Data type Extension Sliced: Unordered, Open, by url(Value) Extensions are always sliced by (at least) url Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` ext-1: Must have either extensions or value[x], not both `extension.exists() != value.exists()` Mappings rim: n/a rim: N/A
type	Σ	1..1	CodingBinding	Element id Provenance.signature.type Short description Indication of the reason the entity signed the object(s) Definition An indication of the reason that the entity signed this document. This may be explicitly included as part of the signature information and can be used when determining accountability for various actions concerning the document. Comments Examples include attesting to: authorship, correct transcription, and witness of specific event. Also known as a "Commitment Type Indication". Data type Coding Binding SignatureTypeCodes (required) Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` Mappings rim: n/a v2: CE/CNE/CWE subset one of the sets of component 1-3 or 4-6 rim: CV orim: fhir:Coding rdfs:subClassOf dt:CDCoding
id		0..1	id	There are no (further) constraints on this element Element id Provenance.signature.type.id Short description Unique id for inter-element referencing Definition Unique id for the element within a resource (for internal references). This may be any string value that does not contain spaces. Data type id Mappings rim: n/a
extension	I	0..*	Extension	There are no (further) constraints on this element Element id Provenance.signature.type.extension Short description Additional content defined by implementations Alternate names extensions, user content Definition May be used to represent additional information that is not part of the basic definition of the element. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Comments There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone. Data type Extension Sliced: Unordered, Open, by url(Value) Extensions are always sliced by (at least) url Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` ext-1: Must have either extensions or value[x], not both `extension.exists() != value.exists()` Mappings rim: n/a rim: N/A
system	Σ	1..1	uriFixed Value	Element id Provenance.signature.type.system Short description Identity of the terminology system Definition The identification of the code system that defines the meaning of the symbol in the code. Requirements Need to be unambiguous about the source of the definition of the symbol. Comments The URI may be an OID (urn:oid:...) or a UUID (urn:uuid:...). OIDs and UUIDs SHALL be references to the HL7 OID registry. Otherwise, the URI should come from HL7's list of FHIR defined special URIs or it should reference to some definition that establishes the system clearly and unambiguously. Data type uri Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` Fixed value urn:iso-astm:E1762-95:2013 Mappings rim: n/a v2: CE.3 rim:* ./codeSystem orim: fhir:Coding.system rdfs:subPropertyOf dt:CDCoding.codeSystem
version	Σ	0..0	string	There are no (further) constraints on this element Element id Provenance.signature.type.version Short description Version of the system - if relevant Definition The version of the code system which was used when choosing this code. Note that a well-maintained code system does not need the version reported, because the meaning of codes is consistent across versions. However this cannot consistently be assured, and when the meaning is not guaranteed to be consistent, the version SHOULD be exchanged. Comments Where the terminology does not clearly define what string should be used to identify code system versions, the recommendation is to use the date (expressed in FHIR date format) on which that version was officially published as the version date. Data type string Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` Mappings rim: n/a v2: CE.7 rim:* ./codeSystemVersion orim: fhir:Coding.version rdfs:subPropertyOf dt:CDCoding.codeSystemVersion
code	Σ	1..1	codeFixed Value	Element id Provenance.signature.type.code Short description Symbol in syntax defined by the system Definition A symbol in syntax defined by the system. The symbol may be a predefined code or an expression in a syntax defined by the coding system (e.g. post-coordination). Requirements Need to refer to a particular code in the system. Comments Note that FHIR strings SHALL NOT exceed 1MB in size Data type code Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` Fixed value 1.2.840.10065.1.12.1.1 Mappings rim: n/a v2: CE.1 rim:* ./code orim: fhir:Coding.code rdfs:subPropertyOf dt:CDCoding.code
display	Σ	1..1	stringFixed Value	Element id Provenance.signature.type.display Short description Representation defined by the system Definition A representation of the meaning of the code in the system, following the rules of the system. Requirements Need to be able to carry a human-readable meaning of the code for readers that do not know the system. Comments Note that FHIR strings SHALL NOT exceed 1MB in size Data type string Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` Fixed value Author's Signature Mappings rim: n/a v2: CE.2 - but note this is not well followed rim:* CV.displayName orim: fhir:Coding.display rdfs:subPropertyOf dt:CDCoding.displayName
userSelected	Σ	0..0	boolean	There are no (further) constraints on this element Element id Provenance.signature.type.userSelected Short description If this coding was chosen directly by the user Definition Indicates that this coding was chosen by a user directly - e.g. off a pick list of available items (codes or displays). Requirements This has been identified as a clinical safety criterium - that this exact system/code pair was chosen explicitly, rather than inferred by the system based on some rules or language processing. Comments Amongst a set of alternatives, a directly chosen code is the most appropriate starting point for new translations. There is some ambiguity about what exactly 'directly chosen' implies, and trading partner agreement may be needed to clarify the use of this element and its consequences more completely. Data type boolean Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` Mappings rim: n/a v2: Sometimes implied by being first rim: CD.codingRationale orim: fhir:Coding.userSelected fhir:mapsTo dt:CDCoding.codingRationale. fhir:Coding.userSelected fhir:hasMap fhir:Coding.userSelected.map. fhir:Coding.userSelected.map a fhir:Map; fhir:target dt:CDCoding.codingRationale. fhir:Coding.userSelected\#true a [ fhir:source "true"; fhir:target dt:CDCoding.codingRationale\#O ]
when	Σ	1..1	instant	There are no (further) constraints on this element Element id Provenance.signature.when Short description When the signature was created Definition When the digital signature was signed. Comments This should agree with the information in the signature. Data type instant Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` Mappings rim: n/a
who	Σ I	1..1	Reference(Organization)	Element id Provenance.signature.who Short description Who signed Definition A reference to an application-usable description of the identity that signed (e.g. the signature used their private key). Comments This should agree with the information in the signature. Data type Reference(Organization) Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` ref-1: SHALL have a contained resource if a local reference is provided `reference.startsWith('#').not() or (reference.substring(1).trace('url') in %rootResource.contained.id.trace('ids')) or (reference='#' and %rootResource!=%resource)` Mappings rim: n/a rim: The target of a resource reference is a RIM entry point (Act, Role, or Entity)
id		0..1	id	There are no (further) constraints on this element Element id Provenance.signature.who.id Short description Unique id for inter-element referencing Definition Unique id for the element within a resource (for internal references). This may be any string value that does not contain spaces. Data type id Mappings rim: n/a
extension	I	0..*	Extension	There are no (further) constraints on this element Element id Provenance.signature.who.extension Short description Additional content defined by implementations Alternate names extensions, user content Definition May be used to represent additional information that is not part of the basic definition of the element. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Comments There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone. Data type Extension Sliced: Unordered, Open, by url(Value) Extensions are always sliced by (at least) url Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` ext-1: Must have either extensions or value[x], not both `extension.exists() != value.exists()` Mappings rim: n/a rim: N/A
reference	Σ I	1..1	string	There are no (further) constraints on this element Element id Provenance.signature.who.reference Short description Literal reference, Relative, internal or absolute URL Definition A reference to a location at which the other resource is found. The reference may be a relative reference, in which case it is relative to the service base URL, or an absolute URL that resolves to the location where the resource is found. The reference may be version specific or not. If the reference is not to a FHIR RESTful server, then it should be assumed to be version specific. Internal fragment references (start with '#') refer to contained resources. Comments Using absolute URLs provides a stable scalable approach suitable for a cloud/web context, while using relative/logical references provides a flexible approach suitable for use when trading across closed eco-system boundaries. Absolute URLs do not need to point to a FHIR RESTful server, though this is the preferred approach. If the URL conforms to the structure "/[type]/[id]" then it should be assumed that the reference is to a FHIR RESTful server. Data type string Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` Mappings rim: n/a rim: N/A
type	Σ	0..0	uriBinding	There are no (further) constraints on this element Element id Provenance.signature.who.type Short description Type the reference refers to (e.g. "Patient") Definition The expected type of the target of the reference. If both Reference.type and Reference.reference are populated and Reference.reference is a FHIR URL, both SHALL be consistent. The type is the Canonical URL of Resource Definition that is the type this reference refers to. References are URLs that are relative to http://hl7.org/fhir/StructureDefinition/ e.g. "Patient" is a reference to http://hl7.org/fhir/StructureDefinition/Patient. Absolute URLs are only allowed for logical models (and can only be used in references in logical models, not resources). Comments This element is used to indicate the type of the target of the reference. This may be used which ever of the other elements are populated (or not). In some cases, the type of the target may be determined by inspection of the reference (e.g. a RESTful URL) or by resolving the target of the reference; if both the type and a reference is provided, the reference SHALL resolve to a resource of the same type as that specified. Data type uri Binding ResourceType (extensible) Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` Mappings rim: n/a rim: N/A
identifier	Σ	0..0	Identifier	There are no (further) constraints on this element Element id Provenance.signature.who.identifier Short description Logical reference, when literal reference is not known Definition An identifier for the target resource. This is used when there is no way to reference the other resource directly, either because the entity it represents is not available through a FHIR server, or because there is no way for the author of the resource to convert a known identifier to an actual location. There is no requirement that a Reference.identifier point to something that is actually exposed as a FHIR instance, but it SHALL point to a business concept that would be expected to be exposed as a FHIR instance, and that instance would need to be of a FHIR resource type allowed by the reference. Comments When an identifier is provided in place of a reference, any system processing the reference will only be able to resolve the identifier to a reference if it understands the business context in which the identifier is used. Sometimes this is global (e.g. a national identifier) but often it is not. For this reason, none of the useful mechanisms described for working with references (e.g. chaining, includes) are possible, nor should servers be expected to be able resolve the reference. Servers may accept an identifier based reference untouched, resolve it, and/or reject it - see CapabilityStatement.rest.resource.referencePolicy. When both an identifier and a literal reference are provided, the literal reference is preferred. Applications processing the resource are allowed - but not required - to check that the identifier matches the literal reference Applications converting a logical reference to a literal reference may choose to leave the logical reference present, or remove it. Reference is intended to point to a structure that can potentially be expressed as a FHIR resource, though there is no need for it to exist as an actual FHIR resource instance - except in as much as an application wishes to actual find the target of the reference. The content referred to be the identifier must meet the logical constraints implied by any limitations on what resource types are permitted for the reference. For example, it would not be legitimate to send the identifier for a drug prescription if the type were Reference(Observation\|DiagnosticReport). One of the use-cases for Reference.identifier is the situation where no FHIR representation exists (where the type is Reference (Any). Data type Identifier Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` Mappings rim: n/a v2: CX / EI (occasionally, more often EI maps to a resource id or a URL) rim: II - The Identifier class is a little looser than the v3 type II because it allows URIs as well as registered OIDs or GUIDs. Also maps to Role[classCode=IDENT] servd: Identifier rim: .identifier
display	Σ	0..0	string	There are no (further) constraints on this element Element id Provenance.signature.who.display Short description Text alternative for the resource Definition Plain text narrative that identifies the resource in addition to the resource reference. Comments This is generally not the same as the Resource.text of the referenced resource. The purpose is to identify what's being referenced, not to fully describe it. Data type string Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` Mappings rim: n/a rim: N/A
onBehalfOf	Σ I	0..1	Reference(PractitionerRole \| Organization \| Patient \| Practitioner)	Element id Provenance.signature.onBehalfOf Short description The party represented Definition A reference to an application-usable description of the identity that is represented by the signature. Requirements used when the signature is on behalf of a non-signer. Comments The party that can't sign. For example a child. Data type Reference(PractitionerRole \| Organization \| Patient \| Practitioner) Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` ref-1: SHALL have a contained resource if a local reference is provided `reference.startsWith('#').not() or (reference.substring(1).trace('url') in %rootResource.contained.id.trace('ids')) or (reference='#' and %rootResource!=%resource)` obo-con-1: Reference should be either PractitionerRole or Organization `reference.startsWith('PractitionerRole/') or reference.startsWith('Organization/') or reference.startsWith('Patient/') or reference.startsWith('Practitioner/')` Mappings rim: n/a rim: The target of a resource reference is a RIM entry point (Act, Role, or Entity)
id		0..1	id	There are no (further) constraints on this element Element id Provenance.signature.onBehalfOf.id Short description Unique id for inter-element referencing Definition Unique id for the element within a resource (for internal references). This may be any string value that does not contain spaces. Data type id Mappings rim: n/a
extension	I	0..*	Extension	There are no (further) constraints on this element Element id Provenance.signature.onBehalfOf.extension Short description Additional content defined by implementations Alternate names extensions, user content Definition May be used to represent additional information that is not part of the basic definition of the element. To make the use of extensions safe and manageable, there is a strict set of governance applied to the definition and use of extensions. Though any implementer can define an extension, there is a set of requirements that SHALL be met as part of the definition of the extension. Comments There can be no stigma associated with the use of extensions by any application, project, or standard - regardless of the institution or jurisdiction that uses or defines the extensions. The use of extensions is what allows the FHIR specification to retain a core level of simplicity for everyone. Data type Extension Sliced: Unordered, Open, by url(Value) Extensions are always sliced by (at least) url Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` ext-1: Must have either extensions or value[x], not both `extension.exists() != value.exists()` Mappings rim: n/a rim: N/A
reference	Σ I	1..1	string	There are no (further) constraints on this element Element id Provenance.signature.onBehalfOf.reference Short description Literal reference, Relative, internal or absolute URL Definition A reference to a location at which the other resource is found. The reference may be a relative reference, in which case it is relative to the service base URL, or an absolute URL that resolves to the location where the resource is found. The reference may be version specific or not. If the reference is not to a FHIR RESTful server, then it should be assumed to be version specific. Internal fragment references (start with '#') refer to contained resources. Comments Using absolute URLs provides a stable scalable approach suitable for a cloud/web context, while using relative/logical references provides a flexible approach suitable for use when trading across closed eco-system boundaries. Absolute URLs do not need to point to a FHIR RESTful server, though this is the preferred approach. If the URL conforms to the structure "/[type]/[id]" then it should be assumed that the reference is to a FHIR RESTful server. Data type string Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` Mappings rim: n/a rim: N/A
type	Σ	0..0	uriBinding	There are no (further) constraints on this element Element id Provenance.signature.onBehalfOf.type Short description Type the reference refers to (e.g. "Patient") Definition The expected type of the target of the reference. If both Reference.type and Reference.reference are populated and Reference.reference is a FHIR URL, both SHALL be consistent. The type is the Canonical URL of Resource Definition that is the type this reference refers to. References are URLs that are relative to http://hl7.org/fhir/StructureDefinition/ e.g. "Patient" is a reference to http://hl7.org/fhir/StructureDefinition/Patient. Absolute URLs are only allowed for logical models (and can only be used in references in logical models, not resources). Comments This element is used to indicate the type of the target of the reference. This may be used which ever of the other elements are populated (or not). In some cases, the type of the target may be determined by inspection of the reference (e.g. a RESTful URL) or by resolving the target of the reference; if both the type and a reference is provided, the reference SHALL resolve to a resource of the same type as that specified. Data type uri Binding ResourceType (extensible) Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` Mappings rim: n/a rim: N/A
identifier	Σ	0..0	Identifier	There are no (further) constraints on this element Element id Provenance.signature.onBehalfOf.identifier Short description Logical reference, when literal reference is not known Definition An identifier for the target resource. This is used when there is no way to reference the other resource directly, either because the entity it represents is not available through a FHIR server, or because there is no way for the author of the resource to convert a known identifier to an actual location. There is no requirement that a Reference.identifier point to something that is actually exposed as a FHIR instance, but it SHALL point to a business concept that would be expected to be exposed as a FHIR instance, and that instance would need to be of a FHIR resource type allowed by the reference. Comments When an identifier is provided in place of a reference, any system processing the reference will only be able to resolve the identifier to a reference if it understands the business context in which the identifier is used. Sometimes this is global (e.g. a national identifier) but often it is not. For this reason, none of the useful mechanisms described for working with references (e.g. chaining, includes) are possible, nor should servers be expected to be able resolve the reference. Servers may accept an identifier based reference untouched, resolve it, and/or reject it - see CapabilityStatement.rest.resource.referencePolicy. When both an identifier and a literal reference are provided, the literal reference is preferred. Applications processing the resource are allowed - but not required - to check that the identifier matches the literal reference Applications converting a logical reference to a literal reference may choose to leave the logical reference present, or remove it. Reference is intended to point to a structure that can potentially be expressed as a FHIR resource, though there is no need for it to exist as an actual FHIR resource instance - except in as much as an application wishes to actual find the target of the reference. The content referred to be the identifier must meet the logical constraints implied by any limitations on what resource types are permitted for the reference. For example, it would not be legitimate to send the identifier for a drug prescription if the type were Reference(Observation\|DiagnosticReport). One of the use-cases for Reference.identifier is the situation where no FHIR representation exists (where the type is Reference (Any). Data type Identifier Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` Mappings rim: n/a v2: CX / EI (occasionally, more often EI maps to a resource id or a URL) rim: II - The Identifier class is a little looser than the v3 type II because it allows URIs as well as registered OIDs or GUIDs. Also maps to Role[classCode=IDENT] servd: Identifier rim: .identifier
display	Σ	0..0	string	There are no (further) constraints on this element Element id Provenance.signature.onBehalfOf.display Short description Text alternative for the resource Definition Plain text narrative that identifies the resource in addition to the resource reference. Comments This is generally not the same as the Resource.text of the referenced resource. The purpose is to identify what's being referenced, not to fully describe it. Data type string Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` Mappings rim: n/a rim: N/A
targetFormat		1..1	codeBindingFixed Value	Element id Provenance.signature.targetFormat Short description The technical format of the signed resources Definition A mime type that indicates the technical format of the target resources signed by the signature. Comments "xml", "json" and "ttl" are allowed, which describe the simple encodings described in the specification (and imply appropriate bundle support). Otherwise, mime types are legal here. Data type code Binding BCP 13 (RFCs 2045, 2046, 2047, 4288, 4289 and 2049) Mime Types (required) Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` Fixed value application/fhir+json Mappings rim: n/a
sigFormat		1..1	codeBindingFixed Value	Element id Provenance.signature.sigFormat Short description The technical format of the signature Definition A mime type that indicates the technical format of the signature. Important mime types are application/signature+xml for X ML DigSig, application/jose for JWS, and image/* for a graphical image of a signature, etc. Comments Note that FHIR strings SHALL NOT exceed 1MB in size Data type code Binding BCP 13 (RFCs 2045, 2046, 2047, 4288, 4289 and 2049) Mime Types (required) Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` Fixed value application/jose Mappings rim: n/a
data		1..1	base64Binary	There are no (further) constraints on this element Element id Provenance.signature.data Short description The actual signature content (XML DigSig. JWS, picture, etc.) Definition The base64 encoding of the Signature content. When signature is not recorded electronically this element would be empty. Comments Where the signature type is an XML DigSig, the signed content is a FHIR Resource(s), the signature is of the XML form of the Resource(s) using XML-Signature (XMLDIG) "Detached Signature" form. Data type base64Binary Constraints ele-1: All FHIR elements must have a @value or children unless an empty Parameters resource `hasValue() or (children().count() > id.count()) or $this is Parameters` Mappings rim: n/a

📝 Papildus: "Provenance" resursa validācijas:

Lauka "Provenance.agent.who.reference" vērtībai jābūt vienādai ar lauka "Provenance.signature.who.reference" vērtību – abos laukos tiek sagaidīts vienmēr iestādes identifikators no FHIR
Lauka "Provenance.agent.onBehalfOf.reference" vērtībai jābūt vienādai ar lauka "Provenance.signature.onBehalfOf.reference" vērtību – Ja laukos "Provenance.signature.onBehalfOf" un "Provenance.agent.onBehalfOf" norādiet resursu:
- "PractitionerRole", tad abos laukos "Provenance.agent.onBehalfOf.reference" un "Provenance.signature.onBehalfOf.reference" tiek sagaidīts ĀP darba vietas (2.37 klasifikators) identifikators no FHIR;
- "Organization", tad abos laukos "Provenance.agent.onBehalfOf.reference" un "Provenance.signature.onBehalfOf.reference" tiek sagaidīts Iestādes (2.23 klasifikators) identifikators no FHIR;
- "Patient", tad abos laukos "Provenance.agent.onBehalfOf.reference" un "Provenance.signature.onBehalfOf.reference" tiek sagaidīts Pacienta identifikators no FHIR;
- "Practitioner", tad abos laukos "Provenance.agent.onBehalfOf.reference" un "Provenance.signature.onBehalfOf.reference" tiek sagaidīts ĀP (2.1 klasifikators) identifikators no FHIR;
Norādītajiem references resursu datiem ir jāsakrīt ar pieprasījuma sūtīšanā izmantotā JWT talona datiem - Ja laukos "Provenance.signature.onBehalfOf" un "Provenance.agent.onBehalfOf" norādiet resursu:
- "PractitionerRole", tad JWT talona "sub" lauka vērtībai (tiek paņemts ĀP darba vietas kods) ir jāsakrīt ar ĀP darba vietas kodu, kas tiek iegūts no FHIR pēc norādīto lauku "Provenance.agent.onBehalfOf.reference" un "Provenance.signature.onBehalfOf.reference" identifikatora vērtībām;
- "Organization", tad JWT talona "VIAuthorityCode" kodam ir jāsakrīt ar Iestādes VI kodu, kas tiek iegūts no FHIR pēc norādīto lauku "Provenance.agent.onBehalfOf.reference" un "Provenance.signature.onBehalfOf.reference" identifikatora vērtībām;
- "Patient", tad JWT talona "privatePersonalIdentifier" kodam ir jāsakrīt ar Pacienta personas kodu, kas tiek iegūts no FHIR pēc norādīto lauku "Provenance.agent.onBehalfOf.reference" un "Provenance.signature.onBehalfOf.reference" identifikatora vērtībām;
- "Practitioner", tad JWT talona "VIMedicalCode" kodam ir jāsakrīt ar ĀP VI kodu, kas tiek iegūts no FHIR pēc norādīto lauku "Provenance.agent.onBehalfOf.reference" un "Provenance.signature.onBehalfOf.reference" identifikatora vērtībām;

Pieprasījuma izveide un parakstīšana

LAB IS FHIR API reģistrācijas vai labošanas pieprasījumiem ir sekojoša struktūra: RequestStructure Veidojot pieprasījumu LAB IS FHIR API, tā saturiskā informācija ir jāparaksta, lai nodrošinātu tās uzticamību un izvairītos no ziņojumu viltošanas.

Ar saturisko informāciju saprotam pieprasījuma Body daļas informāciju.

Vispārējā informācija par sniedzamo datu parakstīšanu

Parakstīšana ir nepieciešama nenoliedzamības prasību izpildes nodrošināšanai.

Datu parakstīšana ir obligāta CREATE un UPDATE operācijām LAB IS (izņemot gadījumus, kur pierasījumā tiek strādāts ar paceita resursu "Patient").
LAB IS sistēmas galapunkti, kuru izmantošana paredz datu parakstīšanu:

POST pieprasījumi {Host}/fhir/api/{resouce};
PUT, PATCH pieprasījumi {Host}/fhir/api/{resouce}/{resouce system id}.

Parakstīšanā tiek izmantots JWS standarts, kura formāts ir: {JWS_Header}.{JWS_Payload}.{JWS_Signature}:

kur {JWS_Header} ietver tehnisko informāciju par parakstu. Sadaļa ir kodēta BASE64URL formātā;
kur {JWS_Payload} ir pati parakstāmā daļa (biznesa/pieprasījuma dati), kodēta BASE64URL formātā. JWS Payload netiek pievienots saskaņā ar Detached content prasību;
kur {JWS_Signature} ir paraksts, kas tika izmantots {JWS_Header} un {JWS_Payload} parakstīšanai, kodēts BASE64URL formātā.

Apstrādājot JSON datus JWS paraksta ietvaros datu formatējums ir vienmēr “minified”.

Pieprasījuma izveides process

Izveido pieprasījuma JSON struktūru UTF8 kodējumā ar unescaped simboliem.
Izveido JWS Header JSON struktūru. Struktūra satur parametrus, kuri apraksta izmantoto šifrēšanas pieeju.

Prasības pret šo struktūru:

struktūrai jābūt pareizam JSON objektam (skat. https://datatracker.ietf.org/doc/html/rfc7159) “minified” formatējumā;
JSON objektam jābūt UTF-8 kodējumā ar unescaped simboliem;
struktūras parametri:

Lauks	Kardinalitāte	Apraksts	Komentāri
alg	1..1	Kriptogrāfisks algoritms, kurš tika izmantots paraksta veidošanā	Sagaidāma vērtība “RS256”. Case-sensitive ASCII string.
keys[]	1..1	Informācija par publisko atslēgu, kas atbilst atslēgai, kura tika izmantota parakstīšanā	JSON objekts
keys[].kty	1..1	Atslēgas tips, apraksta kriptogrāfisko algoritmu saimi	Sagaidāma vērtība “RSA”. Case-sensitive string.
keys[].use	1..1	Pielietojuma parametrs, apraksta publiskās atslēgas mērķa pielietojumu.	Sagaidāma vērtība "sig" – (signature). Case-sensitive string.
keys[].x5t	1..1	Publiskās atslēgas thumbprint	Publiskās atslēgas thumbprint vērtība Base64url kodējumā.
keys[].e	1..1	RSA publiskās atslēgas parametrs exponent e	Sagaidāma RSA publiskās atslēgas "e" (exponent) parametra vērtība Base64urlUInt kodējumā.
keys[].n	1..1	RSA publiskās atslēgas parametrs modulus n	Sagaidāma RSA publiskās atslēgas "n" (modulus) parametra vērtība Base64urlUInt kodējumā.
sig_type	1..1	Paraksta tipa apraksts	JSON objekts.
sig_type.system	1..1	HL7 klasifikators "Parakstu tipi"	Sagaidāma vērtība “urn:iso-astm:E1762-95:2013”.
sig_type.code	1..1	Klasifikatora kods	Sagaidāma vērtība “1.2.840.10065.1.12.1.1”.
sig_type.display	1..1	Klasifikatora koda nosaukums	Sagaidāma vērtība “Author's Signature”. Case-sensitive string.

Piemērta JWS header struktūra ar reducētiem sertifikāta datiem

{
    "alg": "RS256",
    "keys": [
        {
            "e": "",
            "kty": "RSA",
            "n": "",
            "use": "sig",
            "x5t": ""
        }
    ],
    "sig_type": {
        "code": "1.2.840.10065.1.12.1.1",
        "display": "Author's Signature",
        "system": "urn:iso-astm:E1762-95:2013"
    }
}

JWS Header struktūra tiek pārkodēta uz Base64URL.

Izveido JSON struktūru, kura būs jāparaksta (JWS Payload):

Struktūrai jābūt valīdam JSON (skat. https://datatracker.ietf.org/doc/html/rfc7159) “minified” formatējumā;
JSON jābūt UTF-8 kodējumā ar unescaped simboliem;
JSON pieprasījuma Body ir vienīgie dati kuri tiek iekļaujami JWS Payload.
Šādi izveidoto JSON dokumentu kodē Base64URL.

Lai izvairītos no satura pārsūtīšanas dubultā apjomā, JWS Payload struktūra nav paredzēta pārsūtīšanai, tā tiks izmantota tālākiem aprēķiniem.

Izveido JWS Signature struktūru:

Apvieno struktūras JWS Header un JWS Payload, atdalot tos ar punktu

ASCII( BASE64URL(JWS Header) || ‘.’ || BASE64URL(JWS Payload) )

Datiem ir jābūt ASCII kodējumā.

Apvienoto Base64URL stringu hašo ar SHA256 algoritmu.
Hash funkcijas rezultāts (hash summa) tiek parakstīts (šifrēts) izmantojot RSA asimetriskās kriptogrāfijas algoritmu (kas tiek definēts JWS Header parametrā "alg") ar padding " RSASSA-PKCS1-v1_5", kur kā parakstīšanas atslēga tiek izmantota pieprasījuma sūtītāja sertifikāta privātā atslēga.
Iegūtos parakstītos datus kodē Base64URL.

Daļas tiek savienotas kopā sekojošā struktūrā

BASE64URL(JWS Header) || ‘.’ || ‘ ’ || ‘.’ || BASE64URL(JWS Signature)

JWS Payload netiek pievienots atbilstoši JWS dokumentācijai (https://www.rfc-editor.org/rfc/rfc7515.html#appendix-F) detached content prasības dēļ.

“Detached content” norāda, ka, sūtot pieprasījumu, paraksta datos netiek iekļauts parakstītais pieprasījuma JWS Payload.

Paraksta formātā {JWS_Header}.{JWS_Payload}.{JWS_Signature}" formāta daļa tiek aizstāta ar tukšu string, lai izvairītos no satura pārsūtīšanas dubultā apjomā.

Iegūtā struktūra jānokodē uz Base64.
Iepriekšējā punktā iegūtais string ievieto Provenance resursa objektā Provenance.Signature.Data (http://hl7.org/fhir/R4B/datatypes.html#Signature)

Sagatavoto pieprasījumu nosūta FHIR API

Pieprasījuma Body daļai ir jāatbilst definētajam resursu izsaukuma profilam un jāsatur visa nepieciešamā biznesa informācija.
Pieprasījuma Header laukā “X-Provenance” ir jāievieto paraksta Provenance profilam atbilstošajā JSON objektā, ieskaitot iepriekšējā punkta c. apakšpunktā pieminētā string vērtība.

Piemēra pierasījuma json ko paraksta

{
    "resourceType": "DiagnosticReport",
    "meta": {
        "profile": [
            "https://lab.vvis.gov.lv/fhir/StructureDefinition/DiagnosticReport/LaboratoryReport-v1"
        ]
    },
    "identifier": {
            "assigner": {
            "reference": "Organization/01H0JKDZ1FFX0YQ408ZRDRA1VF/_history/1",
            "type": "Organization"
        },
        "value": "Pārskats 1.1.1."
    },
    "basedOn": {
        "type": "ServiceRequest",
        "display": "EGL"
    },
    "status": "preliminary",
    "category": [
        {
            "coding": {
                "system": "https://vvis.gov.lv/fhir/ValueSet/1.3.6.1.4.1.38760.2.801",
                "code": "CG",
                "display": "Citoģenētika"
            }
        },
        {
            "coding": {
                "system": "https://vvis.gov.lv/fhir/ValueSet/1.3.6.1.4.1.38760.2.801",
                "code": "BLB",
                "display": "Asins banka"
            }
        }
    ],
    "code": {
        "coding": {
            "system": "https://vvis.gov.lv/fhir/ValueSet/1.3.6.1.4.1.38760.2.805",
            "code": "LAB",
            "display": "Laboratorisko rezultātu pārskats"
        }
    },
    "subject": {
        "reference": "Patient/01GZX3V188FWEDYME2PDRC4B5W",
        "type": "Patient"
    },
    "effectivePeriod": {
        "start": "2023-09-10T01:25:43.511Z",
        "end": "2023-09-10T01:25:43.511Z"
    },
    "issued": "2023-06-15T01:25:43.511Z",
    "performer": {
        "reference": "Organization/01H0JKDZ1FFX0YQ408ZRDRA1VF/_history/1",
        "type": "Organization"
    },
    "resultsInterpreter": {
        "reference": "PractitionerRole/01H0N8DZYBDG0SBMVBRENZSWHQ/_history/13",
        "type": "PractitionerRole"
    },
    "conclusion": "Mērijumu nenoteiktības, testēšanas metodes un privātuma politika mājas lapā: www.egl.lv. Testēšanas rezultāti attiecas tikai uz konkrētajiem testēšanas objektiem.Testēšanas pārskats pārbaudīts elektroniski un ir derīgs bez ārsta paraksta.",
    "conclusionCode": {
        "coding": {
            "system": "https://vvis.gov.lv/fhir/ValueSet/1.3.6.1.4.1.38760.2.806",
            "code": "critical",
            "display": "Kristisks"
        }
    },
    "presentedForm": [
        {
            "contentType": "application/pdf",
            "url": "Binary/01H8XS4MCAHBVD4854X49YPJ7C/_history/1",
            "size": "12000",
            "title": "Rezultātu pārskata PDF"
        }
    ]
}

Piemēra provenaces json, kas satur praksta informāciju (lasāmības nolūkiem formatēts pretty-print)

{
    "activity": {
        "coding": [
            {
                "code": "LA",
                "display": "legally authenticated",
                "system": "http://terminology.hl7.org/CodeSystem/v3-DocumentCompletion"
            }
        ]
    },
    "agent": [
        {
            "onBehalfOf": {
                "reference": "Organization/01H0JKDZ1FPQN126V7CJ1MXVZ2"
            },
            "type": {
                "coding": [
                    {
                        "code": "author",
                        "display": "Author",
                        "system": "http://terminology.hl7.org/CodeSystem/provenance-participant-type"
                    }
                ]
            },
            "who": {
                "reference": "Organization/01H0JKDZ1FPQN126V7CJ1MXVZ2"
            }
        }
    ],
    "meta": {
        "profile": [
            "https://vvis.gov.lv/fhir/StructureDefinition/Provenance/SignatureProvenance-v1"
        ]
    },
    "recorded": "2024-01-12T07:23:35.0645358+00:00",
    "resourceType": "Provenance",
    "signature": [
        {
            "data": "ZXlKaGJHY2lPaUpTVXpJMU5pSXNJbXRsZVhNaU9sdDdJbXQwZVNJNklsSlRRU0lzSW5WelpTSTZJbk5wWnlJc0luZzFkQ0k2SWpJNVlVSmplRGR1VG1wWFpERkxlRFV0TWs1bmVUaHZNR2h0V1NJc0ltVWlPaUpCVVVGQ0lpd2liaUk2SW1wV1ZGUkxUVTAxZVc1VWRIQkdUMVJGU0RSMGVsVjFURTluVEVaeFRHRk5Wbk50TFhSTVZITXRWVVpxZERKdU9VOXBSVWRFVTBaMlEyOWxPRkEwUkhSQ1kyRTJXVEJFZWpOaVJsZExUMFJUZVZKVU9DMVdWMWxFYUhwWVdUWmxjR1ZTTWxaYWJEVnhZbE4yVDJWSGNVNXFZWG8zWXpsRU1HbFpka1JCUjFOYVkxaGFTbFUxZEUxb04zUjFZakJQV1ZSb05ISjROVGd3TWtKMlVWTmFjMmN6VVhoT2RuVk1OR2RGZGpjNFpUZG9XR0l0ZEc5UllWbHJjVEZrWldSemNGUkVaRkp4ZG1oM2REQlRWSGhTYTJSd01GRmpPRTlKWVc5SVh6SlJUR2xZWWxWcGVFY3RkM1JNUmtaaGJsRnZVbE50V0RSSVkyRXljamswUlROR1pYbFJYMmwyUkZoNlgzWjZNekJEYmxCR2NYQTBabUV5Wm5kTlZrUnJRMDVHTnpGWlZqaGlTRFZOT1doRWIyZHhTakJNTVUxZlpFdEdaMlI1Y2t0TlVVNVdhSGx3TWpWVVFtbDFibDlvZDJoRGFHSTNabDh4VjJneGQySnpXa1YzTkVSS05URlpNV1V0Y0hwbWQzbG9abTkzVVRCM2VtZDBWRFIyUkV0eldXNHhaSGhMV1RWaGExTkJjVEZmWVVGMGNtd3RPVWhRY0RGSloxSnJNR1ZSVHkxU2ExVkpkRTU2VDFsc1gzQlNTMVpvUWxCR1FucFJNbk5KWldkcWFVOWpOa1ZMYVROQk1HTnJOM2hUYUROSWNUYzBOalZLVjFRM2JHeGxXbEk0YW5wRFNuQnZSa2N0TXkxWlozRnRSM3BtY0hCM2VIQnhjMHQ2VlVGYWVUSnlUVmhVT1RCNlgxUklOV3h6V1UxTmNYQXllQzAyYTBscE1EZzJiRVIxZVZvd0xUZFBPVWhqVkRKcVVuVTBSRGxVVGpoaVR5MWpkekp6V2xvM2Rub3pPV3RJU1hoeE1uUnViR1Z4V25KV2JXNUpZWE5FVWpaUGJsaEViV2hMVDNZdGVVSjZSM0ZIVkRGSWRFY3lWa2gxVEVNeE1IbzBRWEp5Vm1KWU1ESkNSVkZ2VkZKbmJFWlpWMTg1WDJKTVdGODBlVzVSUkU1WGNFNVdZbDlKU1RaMVh6bEhaV050T0dSUmFEQk1Ua3BySW4xZExDSnphV2RmZEhsd1pTSTZleUp6ZVhOMFpXMGlPaUoxY200NmFYTnZMV0Z6ZEcwNlJURTNOakl0T1RVNk1qQXhNeUlzSW1OdlpHVWlPaUl4TGpJdU9EUXdMakV3TURZMUxqRXVNVEl1TVM0eElpd2laR2x6Y0d4aGVTSTZJa0YxZEdodmNpZHpJRk5wWjI1aGRIVnlaU0o5ZlEuLlczenp6eUJKS1FodkFiZ0NTc3JhWWZ6b3l5SVFwVVZfdnJacUthS2NOSHBJaGkxaE9EdkxiNUhyQTc2cVItT2dtZm45ZkhUcGhYVlVrOEJpeVNkQ3hpS2tjcHZLZTlBUGFTeDdPWWwzZ2FOVGlRei05YnBZcU4tN1BoZ2xaV2U3X0pFTGo1M0E5VmhDMkNBMV9oNWxnZmlPNkkwWDU2Z3MxTW5HdjVQWmNCV3hnY0s1UHY2d3Y4V1Y3Nk5HRUNXbVJtaTBmbS16c25wWGl3RDJXNjhkenpJZ2RfdEk1OG5vTXl6M083b0N0LUNuU3E0RGtDTUZxSHFZM1RKZThSVlZ5T0RZM1E3Vm9tdWFwOXRQZFJySmVHRE1ra2tZMHoyelJKWkdTVGlGdk9fcHZ6ZWlDMVMyN3lSMldhbWRmWkdiV0xueG16Nnh1ZGtpbl81cDRKQ2JVWng5eUdEMEhwbk9Bak95RW9QUjdUc1hvM3dDRWZLU0hKYU5CQ002Z2FsSWVjRm9mSzlMSkQxaGd2N3ZQV0tzSVpoVTFuQ2lCbFY2SzJvYzNmelJlRm95SjBGc0drX09ZekxQUjRGdlRaNHZZeXJLNUJvSk9CU1ZIUlpFcVRJV3Y3Ty00S1g4VEN5S3dzc1d6enBYUmxELTNKQzdlQjBNYkQ1Ym05OHhKQXZtNjRxTE5YcjhZTHB2cklDM09uTGg3SXVHdkdEM0Z1dXNST2VlNHVOeXd5Vlg1dVR3Z1ZGdzFfQlZxRmRlTENXMmY5bmtGZU8xSmU2ZkZBNmJHbzRXeXluZmdxT1dkOFQ1NVhWbTQ2eWFwLVItNWFWYTBGOS1iTXlHMzBWMTEydjRjWURMc08tTnlGOHIxZlNYNzRVUTh6UkUxYV8wSHdKNDAxRTZMVDZGU1dZ",
            "onBehalfOf": {
                "reference": "Organization/01H0JKDZ1FPQN126V7CJ1MXVZ2"
            },
            "sigFormat": "application/jose",
            "targetFormat": "application/fhir+json",
            "type": [
                {
                    "code": "1.2.840.10065.1.12.1.1",
                    "display": "Author's Signature",
                    "system": "urn:iso-astm:E1762-95:2013"
                }
            ],
            "when": "2024-01-12T07:23:35.0645358+00:00",
            "who": {
                "reference": "Organization/01H0JKDZ1FPQN126V7CJ1MXVZ2"
            }
        }
    ],
    "target": [
        {
            "type": "DiagnosticReport"
        }
    ]
}

📝 Informācijai: Gadījumā, ja prasību informācija ir nesalasāma aizveriet JSON piemēra paplašinājuma skatu.

Provenance un paraksta izveidošana .NET

Lai iegūtu parakstu priekš FHIR API Provenance resursa, kuru nepieciešams iesūtīt kopā ar sistēmā reģistrējamiem datiem ir sniegts zemāk redzams piemērs .Net.

1. Nepieciešamie konfigurācijas parametri, kur:

Certificate - parakstītāja privātās un publiskās daļas sertifikāts X509 formātā, atbilstoši .Net izmantotās bibliotēkas specifikācijai

.Net piemērs:

using System.Security.Cryptography.X509Certificates;
public class JwsServiceConfiguration
{
    public X509Certificate2? Certificate { get; set; }
}

2. Nepieciešams izmantot metodi CreateProvenanceHeader, kur:

resourceType - FHIR resursa tips, piemēram, Binary, DiagnosticReport, utt.
payload - iesūtāmo datu body daļa
who - atsauce uz FHIR reģistrētu ārstniecības iestādi, piemēram, Organization/01H0JGAZN40TAN0TCMWSXD9PEQ
behalfOf - attiecībā no situācijas jānorāda atsauce uz FHIR reģistrētu ārstniecības personu vai ārstniecības personas darba vietu, piemēram, Practitioner/ABH0JGAZN40TAN0TCMWSXD9PCD, PractitionerRole/BCH0JGAZN40TAN0TCMWSXD9PEF
time - parakstīšanas datums un laiks

.Net piemērs:

using Hl7.Fhir.Model;
using Hl7.Fhir.Serialization;
using Jose;
using Microsoft.Extensions.Logging;
using Microsoft.IdentityModel.Tokens;
using System.Security.Cryptography;
using System.Security.Cryptography.X509Certificates;
using System.Text;
using System.Text.Encodings.Web;
using System.Text.Json;

public class JwsService
{
    private readonly ILogger<JwsService> _logger;
    private readonly JwsServiceConfiguration _config;
    public JwsService(ILogger<JwsService> logger, JwsServiceConfiguration config)
    {
        _logger = logger;
        _config = config;
    }

	
    public string CreateProvenanceHeader(string resourceType, string payload, string who, string behalfOf, DateTime? time = null)
    {
        return CreateProvenance(resourceType, payload, who, behalfOf, time);
    }

    private string CreateProvenance(string resourceType, string payload, string who, string behalfOf, DateTime? time = null)
    {
        var date = time ?? DateTime.Now;

        var provenance = new Provenance
        {
            Meta = new Meta
            {
                Profile = new[] { "https://vvis.gov.lv/fhir/StructureDefinition/Provenance/SignatureProvenance-v1" }
            },
            Target = new List<ResourceReference>
            {
                new() { Type = resourceType }
            },
            Recorded = new DateTimeOffset(date),
            Activity = new CodeableConcept
            {
                Coding = new List<Coding>
                {
                    new()
                    {
                        System = "http://terminology.hl7.org/CodeSystem/v3-DocumentCompletion",
                        Code = "LA",
                        Display = "legally authenticated"
                    }
                }
            },
            Agent = new List<Provenance.AgentComponent>
            {
                new()
                {
                    Type = new CodeableConcept
                    {
                        Coding = new List<Coding>
                        {
                            new()
                            {
                                System = "http://terminology.hl7.org/CodeSystem/provenance-participant-type",
                                Code = "author",
                                Display = "Author"
                            }
                        }
                    },
                    Who = new ResourceReference { Reference = who },
                    OnBehalfOf = new ResourceReference { Reference = behalfOf }
                }
            },
            Signature = new List<Signature>
            {
                new()
                {
                    Type = new List<Coding>
                    {
                        new()
                        {
                            System = "urn:iso-astm:E1762-95:2013",
                            Code = "1.2.840.10065.1.12.1.1",
                            Display = "Author's Signature"
                        }
                    },
                    When = new DateTimeOffset(date),
                    Who = new ResourceReference { Reference = who },
                    OnBehalfOf = new ResourceReference { Reference = behalfOf },
                    TargetFormat = "application/fhir+json",
                    SigFormat = "application/jose",
                    Data = Encoding.UTF8.GetBytes(Sign(payload))
                }
            }
        };

        return provenance.ToJson();
    }

    public string Sign(string payload)
    {
        payload = Minify(payload);
        var privateKey = _config.Certificate.GetRSAPrivateKey();
        var rsaParams = privateKey.ExportParameters(false);

        var modulus = Base64UrlEncode(rsaParams.Modulus);
        var publicExponent = Base64UrlEncode(rsaParams.Exponent);
        var x5t = Base64UrlEncode(_config.Certificate.GetCertHash(HashAlgorithmName.SHA1));

        var jwsHeaders = new Dictionary<string, object>
        {
            { "alg", "RS256" },
            { "keys", new JwsKey[] { new("RSA", "sig", x5t, publicExponent, modulus) } },
            { "sig_type", new SigType("urn:iso-astm:E1762-95:2013", "1.2.840.10065.1.12.1.1", "Author's Signature") }
        };

        return JWT.Encode(
            payload,
            privateKey,
            JwsAlgorithm.RS256,
            extraHeaders: jwsHeaders,
            options: new JwtOptions { DetachPayload = true }
        );
    }

    private static string Minify(string json)
    {
        var options =
            new JsonWriterOptions
            {
                Indented = false,
                Encoder = JavaScriptEncoder.UnsafeRelaxedJsonEscaping
            };
        using var document = JsonDocument.Parse(json);
        using var stream = new MemoryStream();
        using var writer = new Utf8JsonWriter(stream, options);
        document.WriteTo(writer);
        writer.Flush();
        return Encoding.UTF8.GetString(stream.ToArray());
    }
}

public record JwsKey(string Kty, string Use, string X5t, string E, string N);
public record SigType(string System, string Code, string Display);