It is still fraught with problems, while you (knowingly) wouldn't do it with PII, is not all that reassuring, others could, or compromised system could be used to exfiltrate this data, if the only control is just trust on the users behaving well with their access

That fact in general industry the controls on how PII data is accessed internally is so lightly managed should worry everyone