BCS Practitioner Certificate in Data Protection

The BCS Practitioner Certificate in Data Protection is aimed at experienced Data Protection professionals, and those candidates that want to build on the BCS Foundation Certificate to gain a broader and deeper understanding of the current laws.

None of these dates work for you? Suggest another date & time


Delegates will gain a broader and deeper understanding of current laws, including the EU-GDPR, UK-GDPR (although not included within the exam) and the UK Data Protection Act 2018, and how they need to be applied in your organisation.


The qualification demonstrates a level of practical competence and knowledge obtained by those responsible for dealing with data protection in an organisation.


Course Content

The aim of the syllabus is so delegates gain knowledge of UK data protection law, including the EU General Data Protection Regulation (GDPR) and the UK Data Protection Act 2018, along with an understanding of how they are applied in practice.

Day 1

  • History of Data Protection

  • Principles of Data Protection & Applicable Terminology

  • Lawful bases for processing Personal Data


Day 2

  • Governance and Accountability

  • Interaction between Controller and Processor

  • Transfers of Personal Data to third countries


Day 3

  • Data Subject Rights

  • Independent Supervisory Authority

  • Breaches, Enforcement and Liability


Day 4

  • Privacy and Electronic Communications Regulations 2003 (PECR)

  • Children’s processing

  • Public authorities

  • Industry Specific application


Candidate will be able to demonstrate knowledge and understanding of key provisions of Data Protection legislation in the following areas: 

  • Context of data protection legislation. 

  • Principles of data protection and applicable terminology 

  • Lawful basis for processing of personal data 

  • Governance and accountability of data protection within organisations 

  • Interaction between Controller and Processor, and role of third parties 

  • Transfers of personal data to third countries or international organisations 

  • Data Subject rights 

  • The role of Independent Supervisory Authorities (ISAs) 

  • Breaches, enforcement and liability 

  • Processing of personal data in relation to children 

  • Specific provisions in data protection legislation of particular relevance to public authorities 

  • Privacy and Electronic Communications (EC Directive) Regulations (PECR) 2003 

  • Application of data protection legislation in key areas of industry 


You can download the syllabus on the BCS website by clicking here:



What's Included:

In addition to the 4 days of interactive or onsite training & exam, we also give you access to added-value products and services that allow you to start or continue your work within Data Protection:

  • Lunch and refreshments every day (classroom courses only)

  • 12 month BCS associate membership

  • Trainer with over 20 years of experience in the industry

  • All course materials shared via Microsoft 

  • Our latest Data Protection Assurance Audit which you can use when you are back in the workplace to assess compliance and develop remediation plans. Within this tool is a great one-page reporting template for your board.

  • An innovative risk model which is designed for you to assess data protection risks in your organisation.

  • Access to all the latest legislation, regulations and Data Protection case studies from the UK and EU.

  • Access to our full suite of GDPR and Data Protection policies which include Data Breach, Data Protection Impact Assessments, Privacy Notices, Legitimate Interest Assessments

  • Access to our full template suite of Individual rights policies, decision trees and template letters, everything you need to deliver Articles 12 – 22 of GDPR.

Course Format

The course takes 4 days to complete and will be held virtually.  

You will need access to Microsoft Teams and OneDrive throughout the course. All documents will be shared via OneDrive and sessions will be held via Teams.

The course will start at 9:00 am and finish at 4:30 pm.

The BCS exam is included within the cost of the course. The exam is currently available either in a classroom or online via remote proctor. 

The exam format is as follows:

90-minute closed book exam with 40 multiple choice questions. The pass mark is currently 65% (26/40). 


Our course is great for

This qualification is aimed at those candidates who have, or wish to have, some responsibility for data protection within an organisation and need to understand the changes that the GDPR and the UK Data Protection Act 2018 will bring to data protection legislation and what needs to be done to prepare their organisations for compliance. 

The certificate will also be useful for others who wish to obtain and demonstrate a broad understanding and application of the UK’s data protection regime. It is ideal for those candidates who already hold the Foundation Certificate in Data Protection and who want to gain a more in-depth knowledge of interpreting and applying the principles of data protection legislation and the GDPR in particular. 

This qualification is likely to be of particular benefit to those working in the following areas:

  • Data Protection and Privacy

  • Information Governance, risk and compliance

  • Data Management

  • Project Management

  • Directors/Senior Managers with Data Protection responsibilities

  • Legal and procurement

  • Marketing and Sales professionals

  • Information Security and IT

  • Human Resources