Yes! In our newsroom (which isn't perfect by any means) - I have been testing using Qubes for really sensitive/untrusted documents. We also open un-trusted documents (from e.g. FOIA responses) on a machine live-booting from a CD.
However, it adds enough friction (especially with remote work) that it's hard to get it right 100% of the time.
If you want to share really sensitive documents, one way to ensure proper handling of your documents is to use a service like SecureDrop [0] which for e.g. only accepts submissions over Tor and requires the use of a secure viewing station [1] (air-gapped machine live-booting Tails w coreboot rom + webcam/networking card physically removed) to decrypt/access leaks.
That being said, I don't think there's a perfect tech-only solution because nothing is stopping folks handling it carelessly after they access the file.
You could also use Dangerzone [0]. It opens a document in two docker containers and converts it into a safe version. It was created by the director of infosec at The Intercept.
However, it adds enough friction (especially with remote work) that it's hard to get it right 100% of the time.
If you want to share really sensitive documents, one way to ensure proper handling of your documents is to use a service like SecureDrop [0] which for e.g. only accepts submissions over Tor and requires the use of a secure viewing station [1] (air-gapped machine live-booting Tails w coreboot rom + webcam/networking card physically removed) to decrypt/access leaks.
That being said, I don't think there's a perfect tech-only solution because nothing is stopping folks handling it carelessly after they access the file.
[0] https://securedrop.org/directory/center-public-integrity/
[1] https://docs.securedrop.org/en/stable/set_up_svs.html