Building AI applications with enterprise-grade security is essential in today's business environment, particularly in sectors like healthcare where sensitive data is prevalent. To address security challenges, Fine-Grained Authorization (FGA) and Retrieval Augmented Generation (RAG) offer strategies for creating secure and context-aware AI applications. The article discusses implementing a Relationship-Based Access Control (ReBAC) system using tools like AstraDB, Langflow, and Permit.io, which facilitates real-time updates and maintains strict access control. In healthcare, AI can streamline workflows and improve decision-making, but security measures must ensure that only authorized personnel can access specific patient data. ReBAC, inspired by Google's Zanzibar paper, derives permissions from relationships within the system, allowing for more precise control compared to traditional role-based access control. RAG enhances LLM outputs by retrieving relevant information from a knowledge base and using it to augment the LLM's context, ensuring accurate and comprehensive responses. The implementation utilizes AstraDB for semantic searches and integrates with Permit.io for real-time authorization checks, ensuring that only authorized data is presented to the LLM. This approach enables healthcare providers to leverage AI while maintaining stringent security controls, adapting to changing relationships and roles within the organization.