From W3C PROV we get a very clear definition of Provenance:
Provenance is information about entities, activities, and people involved in producing a piece of data or thing, which can be used to form assessments about its quality, reliability or trustworthiness.
Use-case for Basic Provenance:
- When I use data, I need to know the Provenance of that data so that I can assess the quality, reliability and trustworthiness.
- Where data are created by my own organization, I can trust my organization mechanism (out-of-scope is managing Provenance within an Organization)
- When I import data, I need to know the Provenance of the data so that I can assess the quality, reliability and trustworthiness.
- The data is asserted as authored by an Organization (In-Scope, assertions of Organization)
- An individual or device is nice, but often impossible to assess quality, reliability, or trustworthiness of some other organizations individuals or devices. Thus this level of data is nice, but not useful. (Out-of-scope is identification of agents more refined than Organization)
- The data within the data may be derived from, or copies of, data originally from a third Organization. (In-Scope, origin of data that is copied or used in derivations/transforms)
- When data are authored and exported to another Organization, there is a need to have Provenance of the authoring and exporting Organization
- When data are exported that contain data that are derived, or copied, from another organization, then Provenance to that original organization is given.
- What data
- Who Organization authored and exported
- Accurate timestamps
- Indication of Provenance action (DerivedFrom, Export, Import)
- Reasonable mechanism to confirm data are authentic
- Provenance use within an organization for their own data -- Organizations do need this for their own purposes, but would not need to conform to a standard.
- Fine grain Provenance on workflow transitions or data lifecycle events
- Fine grain Provenance actor more refined than Organization
- Transform methods or algorithms
- Digital Signature proof of Integrity
- Provenance on De-Identification or Re-Identification
- Provenance on Delete/Destroy/Deactivate activities
- State of Healthcare Provenance Today
- IHE Profile of Provenance for Extracted data from Document Sharing
- Blockchain Provenance Service