I am getting questions about the safeguards in place for PII (personally identifiable information such as names, phone #s, addresses, etc) and wanted to hear how other customers have handled.
Where we are seeing leaks is in the alerts, update requests, and send row feature. These features send the entire contents of the row via email, which is an unsecured medium.
We actually don't need the entire contents of the entire row to trigger an update request and/or next workflow step, so if there was a way to mark a field as "don't ever send this field via email" that would probably work, as access to sensitive fields would only be granted to authenticated users.