Hi rexlin,
I don't think it is possible, as you cannot use dynamic parameters (like login name or group membership, ...) in a role definition. So you will have to define one role per user (oumf...).
First time I have heard about this kind of wish for a customer. What will happen if it is a real data leakage? If you need to perform awareness using the tool, I think it is better to use an endpoint popup each time you detect something. But "customer is our king", and if he wants to have this functionality you have to give it to him. What you can use instead is an email sent to them to inform them that they violated a policy and give some information using dynamic notification parameters.
Regards.