<?xml version=“1.0” encoding=“UTF-8”?> <Provenance xmlns=“hl7.org/fhir”>

      <id value="signature"/>
      <meta>
  <security>
    <system value="http://terminology.hl7.org/CodeSystem/v3-ActReason"/>
    <code value="HTEST"/>
    <display value="test health data"/>
  </security>
</meta>

      <!--  
  where possible, provenance targets should be version specific,
  so that there is no ambiguity about which version of the 
  record this relates to
 -->
      <target>
              <reference value="DocumentReference/example"/>    
      </target>
      <recorded value="2015-08-27T08:39:24+10:00"/>
      <reason>
              <coding>
                      <system value="http://terminology.hl7.org/CodeSystem/v3-ActReason"/>
                      <code value="TREAT"/>
                      <display value="treatment"/>
              </coding>
      </reason>
      <activity>
              <coding>
                      <system value="http://terminology.hl7.org/CodeSystem/v3-DocumentCompletion"/>
                      <code value="AU"/>
                      <display value="authenticated"/>
              </coding>
      </activity>

      <!--  signer = Harold Hippocrates  -->
      <agent>
              <type>
                      <coding>
                              <system value="http://terminology.hl7.org/CodeSystem/contractsignertypecodes"/>
                              <code value="VERF"/>
                      </coding>
              </type>

              <!--  very often, the user won't have a known system - these aren't available 
    for security system log ons. But where you can define it, you should.
    Most of the time the userId is fully qualfied such as an email address       -->
              <who>
                      <identifier>
                              <system value="urn:ietf:rfc:3986"/>
                              <value value="mailto://hhd@ssa.gov"/>
                      </identifier>
              </who>
      </agent>
      <signature>
              <!--  verification signature  -->
              <type>
                      <system value="urn:iso-astm:E1762-95:2013"/>
                      <code value="1.2.840.10065.1.12.1.5"/>
                      <display value="Verification Signature"/>
              </type>
              <when value="2015-08-27T08:39:24+10:00"/>
              <who>
                      <reference value="Practitioner/xcda-author"/>
              </who>  
              <targetFormat value="application/fhir+xml"/>
              <sigFormat value="application/signature+xml"/>
              <data value="Li4u"/>
      </signature>

</Provenance>