With the growth of Wireless Sensor Networks and Internet of Things (IoT) paradigms, real-time remote monitoring of the patients by a remote Medical Professional (MP) has become feasible and patients can enjoy healthcare services at home. However, patient’s medical data stored on servers are highly sensitive and hence, the Wireless Sensor Networks-IOT network becomes open to many attacks. Therefore, it must ensure that patients’ medical data do not get exposed to unauthorized users. This makes strong user authentication essential for the successful global deployment of centralized healthcare systems. In this paper, we present an efficient, strong authentication protocol, for the MP to access patient data for healthcare applications based on Wireless Sensor Networks-IOT network. The proposed protocol includes (1) three-factor MP authentication (i.e., password, biometrics, and smartcard); (2) mutual authentication between MP and the Wireless Sensor Networks server; (3) establishing a secure shared session key; and (4) maintaining key freshness. Furthermore, the proposed protocol uses only two message exchanges between MP and Wireless Sensor Network server and attains efficiency (i.e., low computation and communication costs). Through the formal analysis using the AVISPA web tool, security analysis, and performance analysis, we conclude that the proposed protocol is more secure against potential attacks, and obtains a trade-off between security and performance costs for healthcare applications using Wireless Sensor Networks-IOT networks.