The Internet of Health Things (IoHT) has emerged as an attractive networking paradigm in wireless communications, integrated devices and embedded system technologies. In the IoHT, real-time health data are collected through smart healthcare sensors, and in recent years the IoHT has started to play an important role in Internet of Things technology. Although the IoHT provides comfort in health monitoring, it also imposes security challenges in maintaining the confidentiality and privacy of patient data. To overcome these security issues, this paper proposes a novel blockchain-based privacy-preserving authentication scheme as an approach for achieving efficient authentication of the patient without the involvement of a trusted entity. Moreover, a secure handover authentication mechanism is developed that avoids patient re-authentication in multi-doctor communication scenarios and revokes possible malicious misbehavior by medical professionals in IoHT communication with the patient. The performance of the proposed authentication and handover scheme is analyzed with respect to existing state-of-the-art authentication schemes. The results of the performance analyses reveal that the proposed authentication scheme is resistant to different types of security attacks. The results also show that the proposed authentication scheme outperforms similar state-of-the-art authentication schemes, with lower computational, communication and storage costs. Therefore, the novel authentication and handover scheme has demonstrated practical applicability and represents a valuable contribution to improving the security of communication in IoHT networks.