That's a tricky one. One solution is to encrypt the file and decrypt only the parts you need. Has the extra advantage that the copy of the data on the disk itself/going over the LAN is also much harder to read.
In addition to/failing that, you should write your program to make sure as few intermediate copies of the data are made as possible. In many cases, the data will be read in chunks from the disk into system buffers, then cut down - or built up - to sizes more appropriate to the app, which may, in turn, move slices of the data around in its own memory. These copies should be bypassed where possible and wiped where not.
I've not have to get quite this paranoid, but there's a program that is. It's a password vault program called "pwsafe". I recommend you obtain the source code and see what they're doing. I do know that in order for it to wipe system/shared memory it has to run as root. Which has its own hazards.