Then anyone who has access to the hosted site has access to the keys and hence the data.
If you're using SQL column-level encryption then, unless you're encrypting by password, the keys are stored in the database and sysadmins have full permissions on those keys and hence to the encrypted data.
The only real way to prevent a sysadmin from accessing data is to encrypt it in the app and store the keys somewhere where the sysadmin has no permissions.
Microsoft Certified Master: SQL Server, MVP, M.Sc (Comp Sci)SQL In The Wild
: Discussions on DB performance with occasional diversions into recoverability
We walk in the dark places no others will enter
We stand on the bridge and no one may pass