In this paper, we propose a privacy-preserving e-health system, which is a fusion of Internet-of-things (IoT), big data and cloud storage. The medical IoT network monitors patient's physiological data, which are aggregated to electronic health record (EHR). The medical big data that contains a large amount of EHRs are outsourced to cloud platform. In the proposed system, the patient distributes an IoT group key to the medical nodes in an authenticated way without interaction round. The IoT messages are encrypted using the IoT group key and transmitted to the patient, which can be batch authenticated by the patient. The encrypted EHRs are shared among patient and different data users in a fine-grained access control manner. A novel keyword match based policy update mechanism is designed to enable flexible access policy updating without privacy leakage. Extensive comparison and simulation results demonstrate that the algorithms in the proposed system are efficient. Comprehensive analysis is provided to prove its security.