BCS Data Protection Practitioner Certificate – Virtual Classroom


Course Overview

The BCS Practitioner Certificate in Data Protection course has been created for experienced Data Protection professionals, and for those who have completed The BCS Prortection Foundation Certificate.

If you are looking to gain an advanced understanding of the elements of UK and European data protection law, and how to adhere to them within your organisation, then this is the course for you.

Our five day virtual course will provide delegates with a deeper understanding of current laws, including the EU GDPR and UK Data Protection Act 2018, as well as learning how they need to be applied into your place of work.

Key Learnings Include:

  • Gain a thorough understanding of how these protective laws should be applied into your business
  • How to help your organisation remain compliant when processing customer data

On successful course completion you will earn an industry recognised practitioner certificate in data protection.

This course benefits from 1 year BCS membership worth £92 and our Exam Pass Guarantee*.

For those who haven’t completed the BCS Prortection Foundation Certificate, we suggest you do so before moving onto Practitioner level.

Course code







Is the BCS Data Protection Practitioner course suitable for me?

This training course would benefit anyone who has or would like to have a level of responsibility for data protection within an organisation. It would also be beneficial for those who need to understand the changes required to help their business become, or remain GDPR compliant.

Data protection responsibilities fall into most departments within an organisation, therefore having an appointed speciailist in a team would be beneficial and could prevent any data breaches, resulting in costly fines of up to €20 million.

While it is not a prerequisite, it would be beneficial for delegates to have already studied the BCS Prortection Foundation Certificate, and as such, we suggest you do so before moving onto Practitioner level.


How will the BCS Data Protection Practitioner course benefit me?

You will learn the key skills to support your current job role in Data Protection, or to embark on a new career in this field.

In addition you will also benefit from:

  • Exam Pass Guarantee*
  • 1-year BCS membership included, worth £92!
  • Our virtual classroom course will allow you to fast-track your learning
  • Learn from expert trainers with vast experience in this field
  • Enhance your career prospects
  • Interest-free payment options to spread the cost should you want to

BCS Membership Benefits

This course benefits from 1-year BCS membership worth £92, which is available when you pass your first exam.

Benefits of Associate Membership include:

  • Professional recognition
  • Career development
  • Networking
  • Knowledge and best practice
  • Exclusive discounts and offers

Full BCS membership details can be found here.


What jobs can I apply for after my BCS Data Protection Practitioner training?

The BCS Practitioner Certificate in Data Protection is beneficial for many different businesses, divisions and job titles.

Working in areas including:

  • Data Protection and Privacy – £23k
  • Marketing and Sales professionals – £30k
  • Human Resources – £31k
  • Data Management – £31k
  • Project Management – £44k
  • Legal and procurement – £47k
  • Information Governance, risk, and compliance – £48k
  • Information Security and IT – £53k
  • Directors/Senior Managers with Data Protection responsibilities – £100k

(Source: Glassdoor)

Why Us

Why choose to study the BCS Data Protection Practitioner course with e-Careers?

We have developed an expert team over the last 10 years since our inception. In that time, we have trained over 625,000 delegates globally, which has helped offer the highest quality training, and we have earned a 5-star rating on Trustpilot, from over 10,000 students.

By refining our processes, partner relationships, and course materials, we can offer high-quality training solutions for our delegates.

*Exam Pass Guarantee

Our virtual classroom training has provided high pass rates, which has made us confident to offer an Exam Pass Guarantee. Have peace of mind, knowing we’ll support you until you are certified.

With our Exam Pass Guarantee, if you do not pass the exam after attending our training course, you can attend the same training again for free.

All we ask is that you:

  • Attend all class days and complete all assignments.
  • Take the exam within 30 days of your Virtual Classroom training.
  • Request your course re-enrolment within 30 days of the failed exam attempt.

Please note: Students retaking the course must use any materials or books distributed to them in their original course session. Failure to provide these materials will result in the student being charged for replacement(s).

Exam Pass Guarantee does not include the resit exam; this would be an additional cost.


BCS Data Protection Practitioner Syllabus

Learning Outcomes

  • Gain an understanding of the key changes and the associated implications that the GDPR and the UK Data Protection Act 2018 introduce to data protection.
  • Gain an understanding of individual and organisational responsibilities under the GDPR and the UK Data Protection Act, particularly the need for effective record keeping.
  • Be able to apply the new rights available to data subjects and understand the implications of those rights.
  • Be able to demonstrate an understanding of the designation, position, and role / tasks of a data protection officer.
  • Be able to prepare organisations to manage and handle personal data in compliance with the GDPR and the UK Data Protection Act.

Context (7.5%)

  • Explain the concepts of data protection and privacy.
  • Describe the history of data protection in the UK.
  • Illustrate how the wider territorial scope and jurisdiction of the GDPR impacts the processing of personal data by global organisations, including those who may not have a business (legal entity) established within the EU.

Principles of data protection and applicable terminology (5%)

  • Interpret the major definitions in the GDPR and the Data Protection Act 2018. They should also be able to explain these definitions and identify what information and processing activities are subject to the GDPR.

Lawful bases for processing of personal data (5%)

  • Illustrate the lawful bases to process personal data listed under (Article 6) of the GDPR. and as displayed below:
  • Describe the conditions for processing special category data and the exemptions (Article 9).

Governance and accountability of data protection within organisations (20%)

  • Identify the accountability and data governance obligation (Article 5 (2)).
  • Describe the purpose of a Data Protection Impact Assessment (DPIA).
  • Demonstrate the process of conducting a DPIA.
  • Explain what a record of processing activity is, the information it should contain and why this is important (Article 30).
  • Outline the interplay with privacy notices (Article 13 & 14).
  • Demonstrate how to adopt a data protection by design and by default approach (Article 25).
  • Identify suitable information security measures (Article 32).
  • Explain the designation, position, and tasks of the Data Protection Officer (DPO) (Article 37 to 39).

Interaction between controller and processor, and role of third parties (10%)

  • Explain controller and processor obligations and identify principles raised under key case law (Article 24 & 28).
  • Describe the concept of joint controllership (Article 26)
  • Describe the act of processing under the authority of a controller or processor (Article 29)
  • Explain what a Data Processing Agreement is and when it would be necessary in a controller-processor arrangement.
  • Identify who would be considered as a recipient or a third party and how this works in practice.

Transfers of personal data to third countries or international organisations (2.5%)

  • Recognise the general principles for transferring personal data to third countries and illustrate what issues might arise.

Data subject rights (5%)

  • Demonstrate a detailed knowledge of the key rights granted to individuals (Articles 12 to 17 and 21 to 22). Specifically, you will be able to explain data subject rights.
  • Express awareness of the following rights in addition to the above. However, these will not be examined in the Practitioner Certificate.
  • Restriction of processing (Article 18)
  • Obligation to notify the rectification, erasure or restriction to recipients and the data subject (Article 19).
  • Portability (Article 20)
  • Demonstrate knowledge of the restrictions and exemptions that may affect data subject rights
  • Restrictions (Article 23)
  • Exemptions (Schedule 2 – Parts 1 to 4 of DPA 18)

The role of supervisory authorities (SAs) (7.5%)

  • Explain the role and importance of supervisory authorities.
  • Explain the Role of the Information Commissioner’s Office (ICO) as the UK SA.
  • Describe the Role of the European Data Protection Board (EDPB) (Articles 64, 65 & 70).

Breaches, Enforcement and Liability (12.5%)

  • Explain what constitutes a personal data breach
  • Explain when the obligation arises to report breaches of personal data (Articles 33 & 34)
  • Explain how a data protection complaint arises (Article 57 (1)(f))
  • Describe the sanctions that could be imposed because of a personal data breach or data protection complaint:
  • Identify the role of tribunal and judicial courts

Processing of personal data in relation to children (2.5%)

  • Explain how data protection legislation applies to children.

Specific provisions in data protection legislation of relevance to public authorities (7.5%)

  • Define the meanings of public authority and public body and how it relates to both DPA 18 and the GDPR (Section 7 of DPA 18).
  • Explain the provisions relating to Data Protection Officers (DPOs) for public authorities.
  • Explain awareness of the existence of the exemptions for health social work and education (Schedule 3, DPA 18).

Privacy and Electronic Communications (EC Directive) Regulations (PECR) 2003 (5%)

  • Explain the relationship between PECR and the GDPR, including PECR’s.
  • Explain the status of PECR and the likely future development of this legislation.

Application of data protection legislation in key areas of industry (10%)

  • Recognise the data protection implications of the Employment Practices Code.
  • Describe how the use of CCTV (Data Protection Code of Practice for surveillance cameras and personal information) is governed by data protection law.
  • Identify how the use of cookies and digital technologies is governed by data protection law
  • Explain how data sharing practices are governed by data protection law
  • Explain the exemptions for journalism and freedom of expression under data protection law

BCS Data Protection Practitioner Exam Details

Type – Multiple-choice.

Number of questions – 40.

Duration – 90-Mins.

Supervised – Yes.

Open book – No.

Pass mark – 26/40 (65%).

Other Courses at DGC

ITIL® 4 Foundation – Online

e-careers the home of professional qualifications. Book Today!

Course OverviewOur online course for ITIL® 4 Foundation will teach you the fundamental ITIL concepts and terminology, including the seven guiding principles of ITIL 4 and four dimensions of service management. This qualification will help you work towards becoming an IT Project Manager, Service Delivery Manager, or Senior Project Mana...

AWS Cloud Computing Career Academy Programme

e-careers the home of professional qualifications. Book Today!

Cloud Computing continues to be a widely popular career choice, with interest from individuals with both IT and non-IT experience, due to the current demand of Cloud professionals across most sectors.Our Career Academy Programmes are changings lives, one student at time, and many of our graduates go on to forge successful careers as Solut...

BCS Artificial Intelligence Foundation Certificate – Virtual Classroom

e-careers the home of professional qualifications. Book Today!

Course OverviewArtificial Intelligence (AI) is a methodology used by organisations to imitate human intelligence behaviour. Our BCS AI training course will teach you the knowledge, terminology and principles of Artificial Intelligence.BCS has built on the Artificial Intelligence Essentials certification training course, to develop a portf...