Documents can have their default security set to Private. This means that no user or group than other than the author, operator, or NRTADMIN has access to the document. Users may mark a document as Private because they are working in draft mode and do not want others to see their early work. In this case, the ACL is empty for the document. Other times, the owner may grant some users access. The document still has its default security set to Private, but the ACL is not empty, and so other users/groups have access to it. Either way, an owner has set the default security to Private because they want to manage the security explicitly and generally they do not want security refile to modify the default security settings.
The documents having default setting as Private are classified as following:
Restricted document - A restricted document is defined as the one having its default security set to Private and the ACL is empty. Restricted documents are never affected by a security refile.
Secured document - A secured document is defined as the one document having its default security to Private and the ACL is not empty. Secured documents may be affected by Refile depending upon the Refile Secured Documents setting. See Configuring Refile for more information about this setting.
If set to No, then secured documents are skipped.
If set to Yes, then secured documents are processed according to the Refile rules. Refiling secured documents changes the security settings according to the Refile rules. You should review the security model of your organization before enabling refile for secured documents because it can potentially expose sensitive content.