If you mean "I'd rather the customer host it themselves because then they have responsibility," I know what you mean.
Of course the customer is going to come back at you and say "why didn't your app...".
And to some extent that's true. How many apps separate real data from hashes needed to authenticate a customer? Is the real data that is sensitive kept on another sub-net, reachable only from authenticated apps on certain app servers? Etc.
Fortunately, we haven't had to deal with that issue due to the kind of data we store (on customer sites, and on our hosted site).
And even if you do all the right things, you are only protecting, at best, from the B-team hackers. The A-team hackers will always get in.
We're in the Wild West days of the internet, and it isn't pretty.
>Thinking of hosting client data?
>Here's what happened to a billion dollar/year host
>
http://www.zdnet.com/article/sage-insider-data-breach-impacts-hundreds-of-business-customers/