Sharing patient medical records shouldn't mean sacrificing privacy, yet traditional centralized databases constantly struggle to balance accessibility with strict privacy laws like the GDPR. To solve this, we designed a hybrid blockchain framework that eliminates the single point of failure. By combining Ethereum for public verification, Hyperledger Fabric for strict access control, and IPFS for decentralized file storage, our system puts patients back in control of their data. We implemented smart contracts to automatically handle patient consent, track audit logs, and enforce the "right to be forgotten." Experimental testing of our full-stack prototype—built with Django and React.js—demonstrated strong real-world viability. The hybrid approach slashed on-chain storage requirements by 95% while keeping transaction latency consistently low at around 2.8 seconds. Ultimately, this architecture proves that highly secure, legally compliant healthcare data sharing is practically achievable..