If this person has the true administrator role they have access to everything on the server. Anybody that has the administrator role will be able to see everything on the server. The assumption is that anyone you put in that role would have the integrity to, one: not be snooping around on the server unless there is some kind of an issue to deal with and two: be expected to follow a strict confidentiality policy. People in IT have to deal with this kind of an issue at all times because they will always have access to everything on a server unless the files in a users folders are encrypted. In the LMS I don't believe that it is possible.
If you don't want this person to see what is in that particular category then I belive that you have a couple of options: 1) Create a specific role for administration of certain things and then assign that role at the category level and don't add that person to the role in the secure category. 2) If you really don't want anyone to have access then setup a second instance of Moodle and only put your senior staff on that server with a trusted person set as the administrator.
I hope this helps.