[Roles] would not be a good solution because the app has a lot of doc with the same rule. Private View involves hard maintenance (the user can perform a search). Single Category will not work either. Settng all employees in a Readers field without the User XXX is not a good solution either, because I have more than 100,000 users (Default-ACL is not set to No Access). Work with Groups can work but the Domino Administrator will rate me. What is your recommendation?
Also, you say that the person isn't supposed to be able to see the document about them because it contains information about themselves that they aren't supposed to know, but everybody else in the whole company has access to? This seems odd to me, to say the least. What's to prevent people from making deals with each other? "I'll show you yours if you show me mine." They've got the whole company to choose from -- they don't have to try to talk their immediate co-workers into it when they have a friend in a different department.
Realistically, there are not 100,000 users who will require access to read a particular document. Nobody has time to read more than a small percentage. There are probably only a few who need to see it. The problem is identifying those few so you can put only them in the Readers field. Perhaps they could be self-identified, meaning they would fill out a request form asking for access to a particular user's information. An agent would then process the requests and add them to the Readers field of the corresponding document automatically. However, note that an application that contains 100,000 documents, all of which have different Readers fields, will be slow.
If you made it accessible only through a Web browser, you might have better luck hiding information securely. The user doesn't have access there to the normal tools they would use to bypass hide formulas, Queryopen code, and other measures that aren't true security.
Do you have comments on this Ask the Expert question and response? Let us know.
Dig Deeper on Development Security for Lotus Notes Domino
Related Q&A from Andre Guirard
Learn how you can use LotusScript and OLE to create and populate Microsoft Excel spreadsheets, as well as a little bit about Lotus Symphony. Continue Reading
Discover options you can use if you'd like external users to be able to access a workflow-based Notes Domino application through different ... Continue Reading
Learn why you may receive the error message: "Illegal circular use: Audit Trail" when trying to open Lotus Notes documents that use copied forms. Continue Reading