So (sorry for sounding dumb) how do you handle situations where the data has a significant level of sensitivity and you want the DBA to manage it, but not read it, and certainly never change it? Is this where encrypting columns etc comes into it? Would it be fair to say that this falls into the "Too Hard" basket a lot of the time, and the CEO, through ignorance of the technology, basically ends up placing more faith in the DBA's goodwill than is necessary or desirable? How many CEOs would really know what their DBAs have access to?