With the rapid development of cloud storage technology, more and more hospitals and research institutions would like to upload the patient’s electronic medical record (EMR) to the cloud. However, the problems of privacy protection maybe occur if the patient’s private data be obtained by a malicious user. To solve this problem, a fine-grained and efficient access control protocol in the e-health environment is proposed. For one thing, ciphertext-policy attribute-based encryption (CP-ABE) strategy are utilized to conduct fine-grained access control, which guarantees the private data only can be accessed by legal users. For another thing, an optimized access control structure is designed for the reduction of computing and communication overhead. Note that unlike traditional access control protocols. Moreover, counter and the decryption test are employed in this paper to limit the access times and help cloud justify whether the data requester has  permission to decrypt the requested data, which contribute to resisting denial of service attacks (DoS). Analysis result demonstrates that the proposed protocol performs well in terms of security and efficiency.