In the context of healthcare, big data refers to a complex compilation of digital medical data collected from many sources that are difficult to manage with normal technology and software due to its size and complexity. These big data are useful in various aspects of healthcare, such as disease diagnosis, early prevention of diseases, and predicting epidemics. Even though medical big data has many advantages and a lot of potential for revolutionizing healthcare, it also has a lot of drawbacks and problems, of which security and privacy are of the utmost concern, owing to the severity of the complications once the medical data is compromised. On the other hand, it is evident that existing security and privacy safeguards in healthcare organizations are insufficient to protect their massive, big data repositories and ubiquitous environment. Thus, motivated by the synthesizing of the current knowledge pertaining to the security and privacy of medical big data, including the countermeasures, in the study, firstly, we provide a comprehensive review of the security and privacy of medical big data, including countermeasures. Secondly, we propose a novel cloud-enabled hybrid access control framework for securing the medical big data in healthcare organizations, and the result of this research indicates that the proposed access control model can withstand most cyber-attacks, and it is also proven that the proposed framework can be utilized as a primary base to build secure and safe medical big data solutions. Thus, we believe this research would be useful for future researchers to comprehend the knowledge on the security and privacy of medical big data and the development of countermeasures.