BCS Practitioner Certificate in Data Protection

The BCS Practitioner Certificate in Data Protection is aimed at experienced data protection professionals, and those candidates that want to build on the BCS Foundation Certificate to gain a broader and deeper understanding of the current laws.

  • 16 April
    4 days
    Session information
    Day 1
    Tue 16 Apr 09:00 - Tue 16 Apr 16:00
    Day 2
    Wed 17 Apr 09:00 - Wed 17 Apr 16:00
    Day 3
    Thu 18 Apr 09:00 - Thu 18 Apr 16:00
    Day 4
    Fri 19 Apr 09:00 - Fri 19 Apr 16:00
    • £2,050.00 excl. VAT
None of these dates work for you? Suggest another date & time


    Delegates will gain a broader and deeper understanding of current laws, including the EU-GDPR, UK-GDPR (although not included within the exam) and the UK Data Protection Act 2018, and how they need to be applied in your organisation.

    The qualification demonstrates a level of practical competence and knowledge obtained by those responsible for dealing with data protection in an organisation.


    Course Content

    The aim of the syllabus is so delegates gain knowledge of UK data protection law, including the EU General Data Protection Regulation (GDPR) and the UK Data Protection Act 2018, along with an understanding of how they are applied in practice.

    Day 1

    • An in depth look at data protection in Europe through the years and how it has evolved.
    • Discussing the correlation between data protection and privacy, including human rights.
    • The impact Brexit has had on the GDPR in Britain, and your responsibility in ensuring compliance with the changes.
    • How you and your organisation can distinguish between the different types of data, and how they should be processed.
    • How to understand the principles of data protection and what they mean for you and your organisation.
    • Look at different lawful bases for processing personal data, and how and why they apply, including the added protection special category data gets, and any exemptions that apply, and why.

    Day 2

    • Who is accountable for data protection, and how and why you ensure governance and accountability are adhered to.
    • A look at the role of the DPO within an organisation.
    • What information security measure you can implement.
    • The relationship between controllers and processors in the data protection journey, and the responsibilities of each.
    • The relationship between controllers and third countries when transferring data, and the different ways in which to transfer that data safely and legally.

    Day 3

    • Understand the rights of the data subjects you deal with, and whose data you are responsible for, including any restrictions under the GDPR and DPA 2018.
    • The difference between the independent supervisory authority and the ICO, helping you understand the scope of their power and limitations.
    • The role of the European Data Protection Board.
    • The consequences of breaches, what constitutes a breach, what remedies you can take, what enforcement action can be taken, any liability you or your company could face, and why, including a discussion on criminal offences linked to breaches.

    Day 4 

    • How to handle and process children's data.
    • A look at public authorities and their responsibilities.
    • Privacy and Electronic Communications Regulations 2003 (PECR). What is does and doesn't cover.
    • Industry specific areas of data protection, how they apply, and their scope. For example, employment practice codes, CCTV, cookies, and data sharing.

    Candidate will be able to demonstrate knowledge and understanding of key provisions of data protection legislation in the following areas: 

    • Context of data protection legislation. 

    • Principles of data protection and applicable terminology 

    • Lawful basis for processing of personal data 

    • Governance and accountability of data protection within organisations 

    • Interaction between controller and processor, and role of third parties 

    • Transfers of personal data to third countries or international organisations 

    • Data subject rights 

    • The role of independent supervisory authorities (ISAs) 

    • Breaches, enforcement and liability 

    • Processing of personal data in relation to children 

    • Specific provisions in data protection legislation of particular relevance to public authorities 

    • Privacy and Electronic Communications (EC Directive) Regulations (PECR) 2003 

    • Application of data protection legislation in key areas of industry 


    You can download the syllabus on the BCS website by clicking here:



    What's Included:

    • Paperback BCS Data Protection and Compliance book released in November 2021 (sent to your preferred address prior to the course).
    • 12-month BCS Professional membership.
    • Sample papers to help you revise.
    • BCS exam (to be taken when convenient to you). 
    • Support for 1-month post-course on data protection related matters.
    • Over 30 useful tools, templates, audits, policies and more for you to use within your organisation. 
    • An innovative risk model designed for you to assess data protection risks in your organisation.
    • Opportunity to network with other data protection professionals.

    Course Format

    The course takes 4 days to complete and will be held virtually.  

    You will need access to Microsoft Teams as all sessions will be held via Teams.

    The course will start at 9:00 am and finish at 4:30 pm.

    The BCS exam is included within the cost of the course. The exam is currently available online via remote proctor, to be completed after the course at a time suitable for you.

    The DPAS Training Manager will set you up on the dedicated BCS portal, which is where you will book your exam. To access this, you will be sent a one-time link to the portal to complete your registration and book your exam.

    Although you can take your exam at a time that suits you, and there is no time limit on when you sit the exam, you will need to ensure that you are following the updated syllabus if you take it more than 6 months after the course.

    You can carry out the exam at any location convenient to you. You will use your own device for the exam. The exam is a 90-minute closed cook exam. The pass rate is 26/40 (65%)

    Our course is great for

    This qualification is aimed at those candidates who have, or wish to have, some responsibility for data protection within an organisation and need to understand the changes that the GDPR and the UK Data Protection Act 2018 will bring to data protection legislation and what needs to be done to prepare their organisations for compliance. 

    The certificate will also be useful for others who wish to obtain and demonstrate a broad understanding and application of the UK’s data protection regime. It is ideal for those candidates who already hold the Foundation Certificate in Data Protection and who want to gain a more in-depth knowledge of interpreting and applying the principles of data protection legislation and the GDPR in particular. 

    This qualification is likely to be of particular benefit to those working in the following areas:

    • Data protection and privacy

    • Information governance, risk and compliance

    • Data management

    • Project management

    • Directors/Senior managers with data protection responsibilities

    • Legal and procurement

    • Marketing and sales professionals

    • Information security and IT

    • Human resources

    Similar courses