You manage a BigQuery table storing customer data, which includes sensitive information such as names and addresses. This data must be securely shared with both the data analytics and consumer support teams. The data analytics team should have access to the entire dataset but must be restricted from viewing sensitive information. Conversely, the consumer support team requires access to all data columns but should be limited to customers with active contracts only. You used an authorized dataset and policy tags to enforce these rules. However, the data analytics team has reported that they can still view the sensitive columns despite these precautions. To rectify this, what steps should you take to ensure the data analytics team is restricted from accessing sensitive information? (Choose two.)