Patient-centered health information technology (PCHIT) provides personalized electronic health IT to patients. Since provision of PCHIT entails handling of sensitive medical information, a special focus on security and privacy aspects is required. We present security and privacy requirements for patient-centered health IT applications and examine how security features of large-scale, inter-organizational health information technology networks, like the German health information technology infrastructure (HTI), can be utilized for ensuring privacy and security of PCHIT. Moreover, we illustrate additional security measures that complement the HTI security measures and introduce a guideline for provision of patient-centered health IT applications while ensuring security and privacy. Our elaborations lead to the conclusion that security features of health information technology networks can be used to create a solid foundation for protecting security and privacy in patient-centered health IT applications offered in public networks like the Internet.