Traditionally you need to redesign the Access Controls;
PTC's out of the box Access Controls have teamMember that you need to delete.
1. Delete OOTB teamMember ACL against EPMDocuments
2. Make A New Role such as ViewReleasedCAD; Set ACLs for Read or Read/Download for State such as Released for EPMDoc
3. Add Groups to Role per COntext.
Pretty Much a standard Procedure for every customer