• Thanks. In the approach I detailed, if a new user is added to the db_datareader Fixed Database Role, they will have permission to select the restricted column from your table unless they are also a member of the db_CompanyNameDataReader User-defined Database Role, in which case the DENY permission for the db_CompanyNameDataReader User-defined Database Role will take precedence over the GRANT afforded to the db_datareader Fixed Database Role. In short, it is a best practice to try and make Database Users directly a member of one Role if possible to keep things less confusing to manage.

    As another general rule I would also suggest you avoid adding a Database User directly to any of the Fixed Database Roles like db_datareader. I prefer to only allow users to be part of User-defined Database Roles. In the rare case where a Database User or set of Users is justified in having db_datareader permissions I will add the User-defined Database Role they belong to as a member of the db_datareader Fixed Database Role.

    There are no special teachers of virtue, because virtue is taught by the whole community.
    --Plato
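
The role layout described in the reply above, as an added T-SQL example that is not part of the original post. The table `dbo.Customer`, its column `TaxId`, and the users `RestrictedReader` and `PlainReader` are hypothetical names, and the column-level `DENY SELECT` is an assumption about the approach the reply refers to; the final query is an added audit for users placed directly in fixed database roles.

```sql
-- Added example. Hypothetical names: dbo.Customer, TaxId, RestrictedReader, PlainReader.
CREATE TABLE dbo.Customer (
    CustomerId int           PRIMARY KEY,
    Name       nvarchar(100) NOT NULL,
    TaxId      char(11)      NOT NULL   -- the restricted column (assumed)
);
INSERT INTO dbo.Customer VALUES (1, N'Constructed sample row', '00-0000000');

CREATE USER RestrictedReader WITHOUT LOGIN;
CREATE USER PlainReader      WITHOUT LOGIN;

-- The user-defined role, not the user, is the member of db_datareader.
CREATE ROLE db_CompanyNameDataReader;
ALTER ROLE db_datareader            ADD MEMBER db_CompanyNameDataReader;
ALTER ROLE db_CompanyNameDataReader ADD MEMBER RestrictedReader;

-- Column-level DENY on the role; it overrides the SELECT inherited from db_datareader.
DENY SELECT ON OBJECT::dbo.Customer (TaxId) TO db_CompanyNameDataReader;

-- The case the reply warns about: a user added directly to db_datareader.
ALTER ROLE db_datareader ADD MEMBER PlainReader;

-- Effective column permissions per user (1 = allowed, 0 = not allowed).
EXECUTE AS USER = 'RestrictedReader';
SELECT USER_NAME() AS db_user,
       HAS_PERMS_BY_NAME('dbo.Customer', 'OBJECT', 'SELECT', 'Name',  'COLUMN') AS can_read_name,
       HAS_PERMS_BY_NAME('dbo.Customer', 'OBJECT', 'SELECT', 'TaxId', 'COLUMN') AS can_read_taxid;
REVERT;

EXECUTE AS USER = 'PlainReader';
SELECT USER_NAME() AS db_user,
       HAS_PERMS_BY_NAME('dbo.Customer', 'OBJECT', 'SELECT', 'Name',  'COLUMN') AS can_read_name,
       HAS_PERMS_BY_NAME('dbo.Customer', 'OBJECT', 'SELECT', 'TaxId', 'COLUMN') AS can_read_taxid;
REVERT;

-- Audit: principals other than roles that sit directly in a fixed database role.
SELECT r.name AS fixed_role, m.name AS direct_member, m.type_desc
FROM sys.database_role_members AS drm
JOIN sys.database_principals   AS r ON r.principal_id = drm.role_principal_id
JOIN sys.database_principals   AS m ON m.principal_id = drm.member_principal_id
WHERE r.is_fixed_role = 1
  AND m.type <> 'R'      -- role-in-role membership is the intended pattern
  AND m.name <> 'dbo';
```

Run it in a scratch database; the audit query is read-only and can be run on its own against an existing database.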