Granting Decrypt Permission
Go Up to Using isql to Enable and Implement Encryption
After encrypting a column, the database owner or the individual table owner, grants decrypt permission to users who need to access the values in an encrypted column. Generally speaking, these are end users who already have, or who need to have, select, insert, update, and/or delete privileges on the same data. You can grant decrypt permission to individual users and to groups of users by role, view, trigger, and stored procedure.
To grant decrypt privileges to an individual user, use the following syntax:
grant decrypt[(column-name, …)] on table-name to user-name
- Note: If the database owner or the individual table owner has explicitly granted execute and select privileges to users on stored procedures and views, respectively, a chain of ownership implicitly grants decrypt privilege on any referenced encrypted columns in those schema elements owned by that schema owner.