What if a client sees someone else’s data on their instance? Data is now public. What are repercussions and remediations?

This should never happen. There is a way for clients to share data, but that is based on approval. Multi-Tiered architecture ensures this data can not be cross threaded. We have tested this out through an independent external QA process and pen testing.