Burgeoning wireless technology developments have positively affected nearly every aspect of human life, and remote patient-healthcare monitoring through the internet is no exception. By employing smart gadgets, wireless body area networks, and cloud-based server platforms, patients can submit their sensor-captured readings in real-time to e-health cloud servers and ultimately to medical professionals so that the latter may treat patients appropriately at any time and in any place. To make the system reliable, an authenticated key agreement is required for the participating entities in this system. Many remote patient-healthcare monitoring protocols have been seen so far; however, reliance on wireless technology brings many security challenges for existing protocols. Recently, Xu et al. presented a new patient healthcare monitoring protocol; however, we demonstrate that it is vulnerable to many attacks, including replay attacks and key compromise impersonation attacks, and also that it suffers from privacy issues. Thereafter, we have proposed an improved scheme and formally analyzed its security features by implementing BAN logic and an automated simulation tool.