Try:
INSERT INTO "table_name" ("column1", "column2", ...) VALUES ("value1", "value2", ...)
as your SQL command. By preference, do it using Parameterised queries:
cmd = new SqlCommand("INSERT INTO PatientDetails (Name, HeartScore) VALUES (@NAME, @HEARTSCORE)", con);
cmd.Parameters.AddWithValue("@NAME", txtPatientName.Text);
cmd.Parameters.AddWithValue("@HEARTSCORE", txtHeartScore.Text);
cmd.ExecuteNonQuery();
This assumes that "PatientDetails" is your Table, and two of the columns are "Name" and "HeartScore" - you can extend it to have all your fields.
It's a bit complicated to explain why at this stage, but it has to do with avoiding problems with your database caused by bad data entered in the textbox. Google for "SQL Injection Attack" for details when you are a bit more up on SQL. Plus it makes the lines shorter and more readable!