Access and FAIR Data Principles 

In science research, the FAIR data principles \cite{wilkinson2016fair,force112014guiding} have gained recognition— where the acronym FAIR refers to research data being Findable, Accessible, Interoperable and Reusable. That is, we should be able to find out what data are available and access such data, which is a key stumbling block in the context of health data. The data accessed should be interoperable with other software systems, and data should be well described for it to be useful, i.e., reusable.  
The FAIR data principles should also be applied to data held in private or public organizations if the use is beneficial to society in research or public health management and surveillance. Beneficial use can be authorized by individual (express) consent, but it must also be supported by changes to laws and governance to mandate access by a third party on the patient's behalf, i.e., delegation to allow their data to be shared in according to FAIR principles in a useful, efficient and timely manner. Currently, patients are challenged to access their data and share it with others. Patients should be allowed to should be allower express their wishes regarding their data, in alignment with values and strategies that put the patient first \cite{ministry2015patients}. After all, the patient or data subject is the inherent owner of their data.
While the private sector has some incentives to share data, such as corporate goodwill, they are under no obligations to do so. There are also barriers in access to health data in the Canada's public health care system--barriers in process and to requestors from a different location in Canada. Changes to the law can address these barriers, both in the will to share data and the timeliness of doing so.

Changes to the Law and Supporting Governance

In Canada, privacy and access to information laws do not require a private company to provide access to a consumer's information electronically, nor immediately.  Useful explanations of terms used in the data are not required. Furthermore, current laws only require information to be provided directly to the consumer--not to third party such as a health agency or a primary care provider in accordance with the consumer's wishes.
Hence we recommend that laws and regulations include an obligation to share data electronically in a timely manner adhering to the FAIR data principles.  We also recommend laws include the right of consumers to delegate their access to third parties, in a one-time or ongoing manner.  With governance this can be done with informed consent \cite{PrivacyCommissionerofCanada2018}.  The benefit of a legal obligation is that it removes the need to negotiate data sharing agreements because the custodian of the data will no longer have a mandate or burden to ensure that the receiver of information adheres to good practice or the law.  Once the custodian is mandated to share, the onus falls upon the recipient and governing authorities.  
This approach also requires a trustworthy process for the consumer, custodian and delegated recipient to identify and authenticate each other in a trusted manner that prevents parties from receiving fraudulent information or mixing up the information from one patient with another with the same name.