In this paper we study the problem of validating the legitimacy of devices collecting health data from patients for a smart healthcare system with millimeter wave (mmWave) communication technique, and propose a cost-effective physical layer (PHY-layer) scheme, which utilizes the intrinsic hardware fingerprinting features in terms of carrier frequency offset (CFO). In particular, we first extract the CFO feature caused by the oscillator mismatch in mmWave hardware architecture supporting ultra-high data rates by using the maximum likelihood estimation and parabolic interpolation method, and then formulate the problem of authenticating devices as a binary hypothesis test based on the resulting feature. With the help of statistical signal processing, the analytical expressions for false alarm and detection probabilities are further derived statistically. Finally, extensive simulations are conducted to verify the theoretical results for modeling of the two probabilities. In addition, we also examine the impact of various system parameters on the efficiency of the proposed authentication scheme.