As all the sectors, whether governmental or private are going for the digital transformation. And one of the most important sectors is the health sector. Consequently, the need for Electronic Medical Record (EMR) has increased significantly. This paper covers in depth the access controls used for EMR specifically. The aim of this review is to help institutions to choose the proper access controls for them by comparing between the most popular existing access controls: Role Based Access Control (RBAC), Attribute Based Access Control (RBAC) and Blockchain. This comparison based on several criteria, which include dynamic environment, implementation, cloud, privacy and need to know, evaluated from the patient’s privacy as well as from the institution’s security requirements. The combination of the rated criteria and access controls produces the comparison matrix.