A document management system and method. The inventive system includes a server for providing data from a stored document. Software is provided on the server for encrypting the data. A communications subsystem is included for transporting the encrypted data from the server to the client. Software is provided at the client for decrypting the encrypted data. The inventive method includes the steps of: using a client machine to access a server via a network and to request data therefrom; encrypting at least a portion of said data on said server; communicating said encrypted data from said server to said client; and decrypting said data on said client. In the illustrative embodiment, the inventive method operates under the control of an agent residing on the server. The encrypting software is a first applet residing on the server and the decrypting software is a second applet residing on the client. In the illustrative implementation, the second applet is communicated from the server to the client. Several mechanisms are included for verifying the user's identity including a digital signature, a private key and a public key. In accordance with the invention, software is included for customizing the data based on the user's access rights; providing for secure modification of the shared document; and tracking submission, access, and changes in the document.