I found Tim Scully's solution for modifying Access Rights of an EpiServer Form, which changes the access of the files uploaded afterwards.

I'm trying to create a new form, which allows Everyone to Read/Create the forms on the web with uploading files, and Restrict access to the files that are uploaded to a specific Group (i.e. prevent Everyone from seeing/downloading them).  It seems as though I cannot Restrict access to the form, because then Everyone cannot even see the form on the web to submit.

Any help is greatly appreciated!

Reference thread #202134

https://world.optimizely.com/forum/developer-forum/Forms/thread-container/2019/3/form-upload-access-rights