How do you ensure sensitive data remains secure during testing, especially when handling HIPAA or PCI data?