There are two issues involved in what I consider the temporary solution of dealing with a third party. You're asking people to deal with a third party to protect their personal information. Two years ago, this third party was also the victim of hacking. We conducted a study on the matter here.
How liable would you be if your clients' personal information were hacked from the entity that you trust, such as Equifax?