If they send the whole database or DVD, then I would question the competency level of an organization or individual with my money or confidential information. I would hope that most businesses would understand that you only send what is needed to get the job done and nothing more. If they do not understand that, or take shortcuts of their own accord to make it easier for themselves, then I would take my business elsewhere.
I also don't get why the hashes were sent out to some 'auditor'. And who the hell is that auditor anyway?