When you are working with outsourced resources, be careful about exposing confidential data to another company. One way that this risk can be mitigated is through legal agreements.

Another is to somehow mask, redact, or remove confidential data. Some data is sensitive and should be modified so that personally identifiable information (PII), such as names, social security numbers, address/phone/email information, and other data elements, is somehow protected. Protecting sensitive data may even be applicable when the data will only be seen by internal resources, but more careful consideration should be given when any data will be seen and used outside the company.