I assume in your DB where SensitiveNotes are, the employees Department is also present. This means, when you set a trigger on opening a document, you can achieve what you want. Yust create a table that is connected to the others, where you store Department, EmployeeID (or the key you use to identify users) and SensitiveNotes. Put a trigger on opening document with EmployeeId. With the associated table they will see information regarding their department.
Hope it helped!
As I have a similar requirement now, I will share what I have done.
At first, I thought I would create separate fields for SensitiveNotes in the load script,
such as HR_SensitiveNotes and Finance_SensitiveNotes.
Then use OMIT against these two fields.
However, the solution below from Tobias Klett looks smarter.