I'm interested in what data you're displaying, and how you are authenticating to whatever backend system it's on.

lastpass has a simple timeout - after x number of minutes it logs a user out, and thus nothing sensitive is shown on screen until a user reauthenticates. There's a Deactivate event on your main form you could use to hide when a user starts another app, and then when a user returns and it's under your timeout value redisplay the sensitive data.