I think that is easier on the application side. Also you may consider using encryption for sensitive data instead of RLS. https://docs.microsoft.com/en-us/sql/t-sql/functions/decryptbykey-transact-sql