Restricting employee specific information

i am trying to figure out a way to create an employee database that would include among other things, quarterly reviews, PTO and salary information. I would like the specific employee to be able to view their information only. it seems that something like this might require entity level permissions, which i understand is still a bit aways off. is there some other work around that someone has come up with? am i missing something obvious?