Actually, that's quite similar, if not the same, to the default Windows permissions for the default install. Admins can read/write everywhere (except where the annoying TrustedInstaller shows), and any other regular user has read/write on his own folder (under c:\users\<username>), no access to someone's else folder, and read only everywhere else.
For placing such permissions, you can give the admin permissions on the root folder you like, then on the each user particular folder, open the advanced permission dialog and add that particular user, giving him full control and possibly ownership, in addition to the inherited permissions. You have to untick the inheritance if you want to prevent others to see each other's data. I almost always leave the "location" option alone in the default selection (this folder, sub folders and files, if memory serves).