Email can be made secure but I believe it is probably more difficult than doing it in a limited access DB with a site under SSL/HTTPS. Plus it initiates a situation where an end user can accidentally broadcast sensitive data with a careless forward/CC or an Outlook virus or whatever. I'd say steer completely away from email and encourage your customer(s) to think the same. Consider any bank or serious online store you've ever visited. There is not one that would send any of this stuff that way.

I don't mean to be discouraging either. I think it's possible to do this right. Just be very careful and please seek a project review as grep and I suggested before you flip anything live. You could theoretically do something like a hacker prize too. Offer $250-500(?) to anyone who can get a dummy account -- and explain how s/he did it -- out of a test deployment of your code.