This document discusses using User-Managed Access (UMA) to protect personal data in an Internet of Things (IoT) network for a patient-centric use case. UMA allows an individual to control access to their personal data stored across different devices and systems. The summary describes a scenario where a patient's heart rate data collected from an electronic stethoscope is stored and the patient uses UMA to grant their doctor access to view the data. UMA provides a centralized authorization system to help empower individuals to manage access to their personal information distributed throughout an IoT network.