Check out this article written by Vitalik Buterin, it will answer your question... basically, do not give *any* private keys to people that should not be able to spend....ever 
and do not give out *any* private keys when anyone in a company has a "master public key" (or extended public key...)
https://bitcoinmagazine.com/articles/deterministic-wallets-advantages-flaw-1385450276
and do not give out *any* private keys when anyone in a company has a "master public key" (or extended public key...)https://bitcoinmagazine.com/articles/deterministic-wallets-advantages-flaw-1385450276