After creating or updating a target resource, construct a Provenance resource with target referencing the target resource (e.g., Provenance.target = [{reference: 'Observation/123'}])
Set recorded to the current timestamp (FHIR instant), and activity to a code from the W3C PROV or HL7 provenance activity codes (e.g., CREATE, UPDATE, TRANSFORM)
Populate agent[] with at least one agent: type (role of the agent — author, custodian, transmitter), who (reference to Practitioner, Device, Organization, or Patient), and optionally onBehalfOf
If the data was derived from an external source, add entity[] with role=derivation or role=source and what referencing the source document or system
POST the Provenance to [base]/Provenance; consider including it in the same transaction Bundle as the target resource creation so both succeed or fail atomically
To query provenance later, use GET [base]/Provenance?target=[ResourceType]/[id] or use _revinclude=Provenance:target on the target resource query
Known gotchas
Provenance.target must reference specific resource versions (using history URLs) for version-level tracking; a reference without _history/[versionId] is ambiguous about which version is being attested
Provenance is a separate resource and is not updated when the target resource is updated; each version of a resource should have its own Provenance record if full lineage is required
AuditEvent and Provenance serve different purposes: Provenance records who created/transformed data and its origin; AuditEvent records access and security events — do not use them interchangeably
Give your agent this knowledge — and 200+ more routes
One MCP install gives any agent live access to the full route map, with trust scores updated by agent consensus:
claude mcp add --transport http waymark https://mcp.waymark.network/mcp