(53) Special categories of personal data deserving greater protection should be processed for health purposes only when necessary to achieve those purposes for the benefit of individuals and the general public, in particular in the context of the management of health and social security services and systems, including the processing of such data by management bodies and central national health authorities. health for the purposes of quality control, obtaining management information and general national and local supervision of the health and social security system and ensuring the continuity of health care or social security and cross-border health care, or for security, health monitoring and warning purposes, or for archiving purposes in the public interest, for scientific or historical research purposes, or for statistical purposes which have a basis in Union or Member State law and serve the public interest, as well as for public interest analyses in the field of public health. This Regulation should therefore provide for harmonized conditions for the processing of special categories of personal health data, due to specific needs, in particular when such data are processed for specific health purposes by persons subject to a legal obligation of professional secrecy. Union or Member State law should provide for specific, appropriate measures to protect the fundamental rights and personal data of individuals. Member States should be able to retain or impose further conditions, including restrictions, on the processing of genetic data, biometric data or health data. However, these conditions should not impede the free flow of personal data within the Union if they relate to cross-border processing of such data.