Zzz-5-Zzz is what you require.
Axiomatics, the firm I work for (disclosure: I work there), has a policy-driven solution for data filtering and masking. It means that it is feasible to limit what a user can SELECT, INSERT, and DELETE depending on policies and characteristics.
It functions by having you define a policy, such as:
Then you put a proxy between the application and the database, which will intercept the flow and insert the appropriate SQL filter statement (usually a WHERE clause), for example:
SELECT * FROM medicalrecords
SELECT * FROM medicalrecords WHERE medicalrecords.assignedDoctor='Alice'
You might find the following links helpful: