Internet of things (IoT) creates communication between the sensor nodes and smart devices through the internet to collect the data. The utilisation of IoT in the medical field brings more advantage to the patients and doctors for effective monitoring. The confidentiality of the medical data is a crucial factor need to be taken care of by the medical-IoT (M-IoT). This paper concentrates on developing a secure mechanism for medical data management. In this paper, we develop an architecture for managing the large volumes of medical data generated by the sensor nodes. This architecture will provide secure communication for data sharing among doctors and patients in normal and emergency conditions. As a next step, we propose the security mechanism for improving the data integrity and confidentiality. The proposed mechanism uses symmetric encryption and attribute-based encryption to achieve the performance. The simulation results prove the efficiency of the proposed system. © 2020 Inderscience Enterprises Ltd.