My contribution to this idea: it is already possible to assign a department (or other Operation units like Business unit) to a role. To do this:
1) create an organization hierarchy via Organization administration -> Organization hierarchies and assign this hierarchy to the purpose "Security".
2) Assign an Operation Unit (Business Unit / Department etc.) to a role: System administration -> Manage users. Then select a user, select a role ans click on "Assign organizations". Select "Grant access to specific organizations individually", select the organization hierarchy and drill down in the hierarchy until the correct Busines Unit or Department has been found. Click on "Grant" or "Grant with children" to grant access to the selected Operation unit (and its children).

However, even though it is possible to do this, it's not reflected in the access granted to the user. The user is still able to access employees present in other Operation units. So in my opinion the solution provided here should elaborate on this available possibility.