You can limit the power of the system administrator or database owner to access private data when you specify passwords on keys using create encryption key or alter encryption key. If keys have explicit passwords, users must have, before they can decrypt data:
decrypt permission on the column
The encryption key’s password
Users must also know the password to run DML commands that encrypt data.
