In short, many vendors go to great expense to vet, audit, and limit the number of employees who could potentially access customer data. Some will geo-locate physically separate systems under separate administration according to regional necessity.
Sure, but this can only be appreciated if the relationship is large enough to have an explicit non-changeable contract and routine auditing. From any lone consumer's point of view, "cloud" providers are black boxes that will probably try to limit the damage a rogue employee can do, but any methods or promises can change overnight based on business needs.
In short, many vendors go to great expense to vet, audit, and limit the number of employees who could potentially access customer data. Some will geo-locate physically separate systems under separate administration according to regional necessity.
Disclosure: works for such a vendor.