Here is a suggestion based on my experience. I don't know all of your requirements, so you may need to adjust.
Assuming that you are using a separate drive, like E:.... On the root of E: I would grant System and Administrators full control. If you have UAC enabled on the server, I would define another group and add in the administrator accounts and any other support team accounts that might need to help manage the files/folders. Call the group ShareAdmins or something meaningful to you.
Then create the E:\Home directory and share it out as Home. In the share permissions, grant Administrators and ShareAdmins full control, and Everyone Change control. You want to use "Change", because you don't want to let users update security permissions on folders that they may have update access to.
In the folder permissions for E:\Home you will see System, ShareAmins and Administrators being inherited. Add the Everyone account and grant it List access. In the Advanced permissions, set the "Applies to:" to "This folder only". That will allow users to traverse the Home folder to get to their own data folder, but not allow them to see files and folders in other users directories.
Create a folder for each user. It will inherit the permissions for System, ShareAmins and Administrators. Add the users account and grant it Modify access.
In group policy or the user's logon script map their home drive to \ServerName\Home\UserName. If the users would happen to browse the \ServerName\Home share, they will be able to see other users folders, but they should not be able to access files and subfolders.
If you do not have the guest account disabled, then use Authenticated Users instead of the Everyone account.