The rapid integration of Internet of Things (IoT) devices into modern healthcare creates significant security risks for sensitive patient data. Medical images are particularly vulnerable due to their large file sizes and high pixel redundancy, yet conventional encryption algorithms are often too computationally intensive for the resource-constrained hardware found in IoT devices. This paper proposes a novel hybrid encryption framework designed to resolve this security-performance trade-off. Our method first employs the AES S-box to introduce strong confusion, using its proven non-linear substitution to obscure statistical patterns within the image. Subsequently, a performance-optimized, reduced-round ChaCha20 stream cipher is used to achieve rapid diffusion. This stage ensures that even a single-bit change in the input is spread unpredictably across the entire ciphertext, making the output highly randomized. Experimental analysis confirms the framework's robust security. The scheme achieves an information entropy of ~7.997, indicating near-perfect randomness, while reducing pixel correlation coefficients to negligible values. A Number of Pixel Change Rate (NPCR) exceeding 99.5% for single-bit variations highlights its strong avalanche effect and resilience against differential cryptanalysis. By delivering these strong security guarantees with faster encryption speeds and minimal memory overhead, our hybrid framework presents a practical and scalable solution for securing sensitive medical images in real-time Internet of Health Systems (IoHS) applications like remote diagnostics and secure mobile health.