The 1998 Data Protection Act came into force early in 1999 and covers how information about living identifiable persons is used.

The Data Protection Act contains eight Data Protection Principles. These state that all data must be: Processed fairly and lawfully; Obtained & used only for specified and lawful purposes; Adequate, relevant and not excessive; Accurate, and where necessary, kept up to date; Kept for no longer than necessary; Processed in accordance with the individuals rights (as defined); Kept secure; Transferred only to countries that offer adequate data protection.

The CCU’s activities sit within the Data Protection Act as information regarding evacuated persons in receptions centres must be managed accordingly.

A link to the Data Protection Act 1998 is shown below
http://www.opsi.gov.uk/ACTS/acts1998/19980029.htm