Thank you for your post!
Check out this sample file - I think it has the features you are looking for. You may need to modify it, as this only allows Read/Write to records created by the Account, but the Account won't see records created by any other Accounts. See the "Create Accounts" Script and the "CustomPrivilege" in Security.
I hope this helps!