diff --git a/rm-server/config/alfresco/module/org_alfresco_module_rm/rm-ui-evaluators-context.xml b/rm-server/config/alfresco/module/org_alfresco_module_rm/rm-ui-evaluators-context.xml
index 41141a66d0..20a64262aa 100644
--- a/rm-server/config/alfresco/module/org_alfresco_module_rm/rm-ui-evaluators-context.xml
+++ b/rm-server/config/alfresco/module/org_alfresco_module_rm/rm-ui-evaluators-context.xml
@@ -685,5 +685,16 @@
       </property>
       <property name="capability" value="RejectRecords" />
    </bean>
+   
+   <bean id="jsonConversionComponent.hide"
+         parent="jsonConversionComponent.baseAction">
+      <property name="name" value="hide"/>
+      <property name="kinds">
+         <set>
+            <value>RECORD</value>
+         </set>
+      </property>
+      <property name="capability" value="FileRecords" />
+   </bean>
 
 </beans>
diff --git a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/record/RecordServiceImpl.java b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/record/RecordServiceImpl.java
index b6d5e36a28..9a41a1ff83 100644
--- a/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/record/RecordServiceImpl.java
+++ b/rm-server/source/java/org/alfresco/module/org_alfresco_module_rm/record/RecordServiceImpl.java
@@ -475,16 +475,6 @@ public class RecordServiceImpl implements RecordService,
     {
         ParameterCheck.mandatory("NodeRef", nodeRef);
 
-        // first we do a sanity check to ensure that the user has at least write permissions on the record
-        if (permissionService.hasPermission(nodeRef, PermissionService.WRITE) != AccessStatus.ALLOWED)
-        {
-            throw new AccessDeniedException(
-                    "Cannot hide record, because the user '"
-                            + AuthenticationUtil.getRunAsUser()
-                            + "' does not have write permissions on the record '"
-                            + nodeRef.toString() + "'.");
-        }
-
         // do the work of hiding the record as the system user
         AuthenticationUtil.runAsSystem(new RunAsWork<Void>()
         {
diff --git a/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/service/RecordServiceImplTest.java b/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/service/RecordServiceImplTest.java
index 6fff0a6233..60681b35b0 100644
--- a/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/service/RecordServiceImplTest.java
+++ b/rm-server/test/java/org/alfresco/module/org_alfresco_module_rm/test/service/RecordServiceImplTest.java
@@ -274,6 +274,8 @@ public class RecordServiceImplTest extends BaseRMTestCase
                 assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(filePlan, RMPermissionModel.VIEW_RECORDS));
                 assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(filePlan, RMPermissionModel.EDIT_RECORD_METADATA));
                 
+                Capability filling = capabilityService.getCapability("FileRecords");
+                assertEquals(AccessStatus.ALLOWED, filling.hasPermission(dmDocument));
                 
                 Capability editRecordMetadata = capabilityService.getCapability("EditRecordMetadata");
                 assertEquals(AccessStatus.ALLOWED, editRecordMetadata.hasPermission(dmDocument));
@@ -284,6 +286,43 @@ public class RecordServiceImplTest extends BaseRMTestCase
                 return null;
             }
         }, dmCollaborator);
+        
+        // check the consumer's permissions are correct for the newly created document
+        doTestInTransaction(new Test<Void>()
+        {
+            @Override
+            public Void run()
+            {
+                checkPermissions(READ_RECORDS,
+                        AccessStatus.ALLOWED,   // file plan
+                        AccessStatus.ALLOWED,   // unfiled container
+                        AccessStatus.DENIED,   // record category
+                        AccessStatus.DENIED,   // record folder
+                        AccessStatus.ALLOWED);  // doc/record
+
+                checkPermissions(FILING,
+                        AccessStatus.DENIED,   // file plan
+                        AccessStatus.DENIED,   // unfiled container
+                        AccessStatus.DENIED,   // record category
+                        AccessStatus.DENIED,   // record folder
+                        AccessStatus.DENIED);  // doc/record
+                
+                assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(filePlan, RMPermissionModel.VIEW_RECORDS));
+                assertEquals(AccessStatus.ALLOWED, permissionService.hasPermission(filePlan, RMPermissionModel.EDIT_RECORD_METADATA));
+                
+                Capability filling = capabilityService.getCapability("FileRecords");
+                assertEquals(AccessStatus.DENIED, filling.hasPermission(dmDocument));
+                
+                Capability editRecordMetadata = capabilityService.getCapability("EditRecordMetadata");
+                assertEquals(AccessStatus.DENIED, editRecordMetadata.hasPermission(dmDocument));
+                
+                Capability updateProperties = capabilityService.getCapability("UpdateProperties");
+                assertEquals(AccessStatus.DENIED, updateProperties.hasPermission(dmDocument));
+
+            
+                return null;
+            }
+        }, dmConsumer);
     }
 
     public void testCreateRecordNoLink() throws Exception