FHIR © HL7.org  |  Server Home  |  XIG Home  |  Server Source  |  FHIR  

FHIR IG Statistics: Requirements/CMHAFFR2-APU.5

Packagehl7.fhir.uv.cmhaffr2
TypeRequirements
IdCMHAFFR2-APU.5
FHIR VersionR5
Sourcehttp://hl7.org/fhir/uv/cmhaffr2/https://build.fhir.org/ig/HL7/cmhaff-ig/Requirements-CMHAFFR2-APU.5.html
URLhttp://hl7.org/fhir/uv/cmhaffr2/Requirements/CMHAFFR2-APU.5
Version2.0.1
Statusactive
Date2025-05-28T08:01:49+00:00
NameAPU_5_Data_Authenticity__Provenance__and_Associated_Metadata
TitleAPU.5 Data Authenticity, Provenance, and Associated Metadata (Header)
Realmuv
Authorityhl7
DescriptionThis category is about providing assurance that consumer data is secure when it is moved between the consumer’s device(s) and other locations. This category is about the attribution of sources of data (provenance) and assurance of data authenticity.

Resources that use this resource

No resources found


Resources that this resource uses

No resources found


Narrative

Note: links and images are rebased to the (stated) source

Statement N:

This category is about providing assurance that consumer data is secure when it is moved between the consumer’s device(s) and other locations. This category is about the attribution of sources of data (provenance) and assurance of data authenticity.

Criteria N:
APU.5#89 SHALL

Apps conform to Best Practices for Data Authenticity, Provenance, and Associated Metadata.

APU.5#90 SHALL

[App itself originates data <see ISO 21089 definition of “originate”>] Customer has review option which includes the option to irreversibly destroy, reject or discard data.

APU.5#91 SHALL

[App itself only receives data as a “pass through” and cannot store data] Customer has a review option to display the data prior to executing the pass-through which includes the option to irreversibly stop and block the pass-through.

APU.5#92 SHOULD

[App itself receives data and stores it] Customer has a review option that permits only appending data and/or free text comments to received data as author while preserving the original received data intact with original provenance. User may comment that data are erroneous, but does not have the option to delete the original data.


Source

{
  "resourceType": "Requirements",
  "id": "CMHAFFR2-APU.5",
  "meta": {
    "profile": [
      "http://hl7.org/fhir/uv/cmhaffr2/StructureDefinition/FMHeader"
    ]
  },
  "text": {
    "status": "extensions",
    "div": "<!-- snip (see above) -->"
  },
  "extension": [
    {
      "url": "http://hl7.org/fhir/StructureDefinition/structuredefinition-wg",
      "valueCode": "mobile"
    }
  ],
  "url": "http://hl7.org/fhir/uv/cmhaffr2/Requirements/CMHAFFR2-APU.5",
  "version": "2.0.1",
  "name": "APU_5_Data_Authenticity__Provenance__and_Associated_Metadata",
  "title": "APU.5 Data Authenticity, Provenance, and Associated Metadata (Header)",
  "status": "active",
  "date": "2025-05-28T08:01:49+00:00",
  "publisher": "HL7 International / Mobile Health",
  "contact": [
    {
      "telecom": [
        {
          "system": "url",
          "value": "http://www.hl7.org/Special/committees/mobile"
        }
      ]
    }
  ],
  "description": "This category is about providing assurance that consumer data is secure when it is moved between the consumer’s device(s) and other\nlocations. This category is about the attribution of sources of data (provenance) and assurance of data authenticity.",
  "jurisdiction": [
    {
      "coding": [
        {
          "system": "http://unstats.un.org/unsd/methods/m49/m49.htm",
          "code": "001",
          "display": "World"
        }
      ]
    }
  ],
  "statement": [
    {
      "extension": [
        {
          "url": "http://hl7.org/fhir/uv/cmhaffr2/StructureDefinition/requirements-dependent",
          "valueBoolean": false
        }
      ],
      "key": "CMHAFFR2-APU.5-89",
      "label": "APU.5#89",
      "conformance": [
        "SHALL"
      ],
      "conditionality": false,
      "requirement": "Apps conform to Best Practices for Data Authenticity, Provenance, and Associated Metadata."
    },
    {
      "extension": [
        {
          "url": "http://hl7.org/fhir/uv/cmhaffr2/StructureDefinition/requirements-dependent",
          "valueBoolean": false
        }
      ],
      "key": "CMHAFFR2-APU.5-90",
      "label": "APU.5#90",
      "conformance": [
        "SHALL"
      ],
      "conditionality": false,
      "requirement": "[App itself originates data <see ISO 21089 definition of “originate”>] Customer has review option which includes the option to irreversibly destroy, reject or discard data."
    },
    {
      "extension": [
        {
          "url": "http://hl7.org/fhir/uv/cmhaffr2/StructureDefinition/requirements-dependent",
          "valueBoolean": false
        }
      ],
      "key": "CMHAFFR2-APU.5-91",
      "label": "APU.5#91",
      "conformance": [
        "SHALL"
      ],
      "conditionality": false,
      "requirement": "[App itself only receives data as a “pass through” and cannot store data] Customer has a review option to display the data prior to executing the pass-through which includes the option to irreversibly stop and block the pass-through."
    },
    {
      "extension": [
        {
          "url": "http://hl7.org/fhir/uv/cmhaffr2/StructureDefinition/requirements-dependent",
          "valueBoolean": false
        }
      ],
      "key": "CMHAFFR2-APU.5-92",
      "label": "APU.5#92",
      "conformance": [
        "SHOULD"
      ],
      "conditionality": false,
      "requirement": "[App itself receives data and stores it] Customer has a review option that permits only appending data and/or free text comments to received data as author while preserving the original received data intact with original provenance. User may comment that data are erroneous, but does not have the option to delete the original data."
    }
  ]
}