Civil Contingencies Act 2004: Primary legislation that establishes a framework for emergency preparedness and response in the UK, requiring organizations to maintain business continuity plans
Companies Act 2006: Fundamental company law that sets out directors' duties including responsibility for risk management and business continuity
Data Protection Act 2018: UK implementation of GDPR, governing how organizations must protect and manage personal data, including during business continuity scenarios
Health and Safety at Work Act 1974: Legislation ensuring workplace safety and health, which must be maintained even during business continuity situations
Financial Services and Markets Act 2000: Key financial services legislation that includes requirements for operational resilience in financial institutions
ISO 22301: International standard for Business Continuity Management Systems, providing framework for maintaining business operations during disruptions
BS 65000: British Standard for Organizational Resilience, providing guidance on building resilient organizations
NIS Regulations 2018: Network and Information Systems Regulations governing cybersecurity and network resilience for essential services
Payment Services Regulations 2017: Regulations for payment service providers including operational resilience requirements
Employment Rights Act 1996: Legislation protecting employees' rights which must be considered in business continuity planning
Working Time Regulations 1998: Rules governing working hours and conditions that remain applicable during business continuity scenarios
Privacy and Electronic Communications Regulations: Regulations governing electronic communications and data privacy that must be maintained during business disruptions
Environmental Protection Act 1990: Environmental legislation that organizations must comply with, including during emergency situations
COMAH Regulations 2015: Control of Major Accident Hazards Regulations for preventing and managing major industrial accidents
