We are sending an email. Currently how we are handling is create a json file with all the items and store it in a shared drive. Only Business team would have access to it. JSON file path is added in Queue. There is no way we can mask or encrypt teh data from UI.
Becasue of GDPR and PCI compliance we are not allowed to store sensitive information any where outside of business zone/ BU.
Even with the Org Units or Folders, there would be an admin required from infra team right? Or can we create a business user role and no other role should have access to it. Not even admin
SO i think we would need to create an admin who is from business and another roles from Support and Infra who would not have access to view queue data. (I am not sure still if tenant admin can go through it or not). Do we recommend admin to be from business not CoE
Thinking around this, i have become more confused now… Arghh!! 
Do you have any info on how other financial or banks are doing? After GDPR and PCI, it has become more challenging to convince to business.
ashokkarale
MD_Farhan1
Ajay_Mishra
postwick
Dheerendra_vishwakarma
Anil_G
chandreshsinh.jadeja
Gautham_Pattabiraman
vrdabberu
aravindbalineni123