E-Health systems logically demand a sufficiently fine-grained authorization policy for access control. The access to medical information should not be just role-based but should also include the contextual condition of the role to access data. In this paper, we present a mechanism to extend the standard role-based access control to incorporate contextual information for making access control decisions in e-health application. We present an architecture consisting of authorisation and context infrastructure that work cooperatively to grant access rights based on context-aware authorization policies and context information.