BCS Data Protection Practitioner Certificate - Virtual Classroom

Our BCS Practitioner Certificate in Data Protection is aimed at experienced Data Protection professionals, and individuals looking to build on the BCS Foundation Certificate in Data Protection.

Through this training you will gain a deeper understanding of current laws, such as the EU GDPR and the UK Data Protection Act 2018, as well as learning how they need to be applied into your organisation.

Upon completion of this course you will earn an industry recognised practitioner certificate in data protection. 

If you have not already completed your BCS Foundation Certificate in Data Protection we suggest you enrol onto that course first before progressing onto the practitioner level.  

Key features
  • Delivery Method: Virtual Classroom
  • Exam: Included
  • Duration: 5 Days
  • Join a community of over 575,000 learners
  • Interest-Free Payments
  • Fully Accredited Qualifications

Select your date

Inc. VAT
Free course advice
Learn more about how we use your data
Key features
  • Delivery Method: Virtual Classroom
  • Exam: Included
  • Duration: 5 Days
  • Join a community of over 575,000 learners
  • Interest-Free Payments
  • Fully Accredited Qualifications
Course Details

What is the BCS Practitioner Certificate in IS Project Management course?

This advanced Data Protection training course provides you with a deeper understanding of UK data protection law, GDPR, and the UK Data Protection Act 2018. You will gain a thorough understanding of how these protective laws should be applied into your business, and how you can help your organisation to be compliant in the way you process your customers personal information.

The BCS Practitioner Certificate in Data Protection has been developed for delegates looking to gain an advanced understanding of the elements of the UK and Europe data protection law and how to adhere to them within your organisation.

Who is this course suitable for?  

This qualification has been designed for individuals who have, or who are looking to have, some responsibility for data protection within their business. Those who need to understand the changes required to help their business become, or remain GDPR compliant, will benefit from this training course.

Delegates who have already studied the their BCS Foundation Certificate in Data Protection and looking to gain a more in-depth knowledge of interpreting and applying the principles of data protection legislation and the GDPR, would also find this training useful.

While it is not a prerequisite, it would be beneficial for delegates to have already studied the BCS Foundation Certificate in Data Protection before undertaking this training.

Career Opportunities

While this training would be useful for many different backgrounds and job titles, we do find this qualification typically benefits individuals who work in the following areas:

  •    Data Protection and Privacy - £23K+
  •    Marketing and Sales professionals - £30K+
  •    Human Resources - £31K+
  •    Data Management - £31K+
  •    Project Management - £44K+
  •    Legal and procurement - £47K+
  •    Information Governance, risk, and compliance - £48K+
  •    Information Security and IT - £53K+
  •    Directors/Senior Managers with Data Protection responsibilities - £100K+

(Source: Glassdoor)

Why choose e-Careers to study this course

With over 10 years’ experience in the training and education sector, we have enhanced and fine-tuned our overall training offering; from selecting the best trainers, having the most relevant course materials and best customer support. We have trained over 575,000 delegates from around the world and have achieved a 5-star rating, from over 8,500 students on Trustpilot.

You’ll also benefit from:

  •    Highly quality training
  •    Expert Tutor Support
  •    Interest-Free Payment Plans

Course Details & Syllabus

Learning Outcomes

  •    Gain an understanding of the key changes and the associated implications that the GDPR and the UK Data Protection Act 2018 introduce to data protection.
  •    Gain an understanding of individual and organisational responsibilities under the GDPR and the UK Data Protection Act, particularly the need for effective record keeping.
  •    Be able to apply the new rights available to data subjects and understand the implications of those rights.
  •    Be able to demonstrate an understanding of the designation, position, and role / tasks of a data protection officer.
  •    Be able to prepare organisations to manage and handle personal data in compliance with the GDPR and the UK Data Protection Act.


Context (7.5%)

  •    Explain the concepts of data protection and privacy.
  •    Describe the history of data protection in the UK.
  •    Illustrate how the wider territorial scope and jurisdiction of the GDPR impacts the processing of personal data by global organisations, including those who may not have a business (legal entity) established within the EU.

Principles of data protection and applicable terminology (5%)

  •    Interpret the major definitions in the GDPR and the Data Protection Act 2018. They should also be able to explain these definitions and identify what information and processing activities are subject to the GDPR.

Lawful bases for processing of personal data (5%)

  •    Illustrate the lawful bases to process personal data listed under (Article 6) of the GDPR.  and as displayed below:
  •    Describe the conditions for processing special category data and the exemptions (Article 9).

Governance and accountability of data protection within organisations (20%)

  •    Identify the accountability and data governance obligation (Article 5 (2)).
  •    Describe the purpose of a Data Protection Impact Assessment (DPIA).
  •    Demonstrate the process of conducting a DPIA.
  •    Explain what a record of processing activity is, the information it should contain and why this is important (Article 30).
  •    Outline the interplay with privacy notices (Article 13 & 14).
  •    Demonstrate how to adopt a data protection by design and by default approach (Article 25).
  •    Identify suitable information security measures (Article 32).
  •    Explain the designation, position, and tasks of the Data Protection Officer (DPO) (Article 37 to 39).

Interaction between controller and processor, and role of third parties (10%)

  •    Explain controller and processor obligations and identify principles raised under key case law (Article 24 & 28).
  •    Describe the concept of joint controllership (Article 26)
  •    Describe the act of processing under the authority of a controller or processor (Article 29)
  •    Explain what a Data Processing Agreement is and when it would be necessary in a controller-processor arrangement.
  •    Identify who would be considered as a recipient or a third party and how this works in practice.

Transfers of personal data to third countries or international organisations (2.5%)

  •    Recognise the general principles for transferring personal data to third countries and illustrate what issues might arise.

Data subject rights (5%)

  •    Demonstrate a detailed knowledge of the key rights granted to individuals (Articles 12 to 17 and 21 to 22). Specifically, you will be able to explain data subject rights.
  •    Express awareness of the following rights in addition to the above. However, these will not be examined in the Practitioner Certificate.
  •    Restriction of processing (Article 18)
  •    Obligation to notify the rectification, erasure or restriction to recipients and the data subject (Article 19).
  •    Portability (Article 20)
  •    Demonstrate knowledge of the restrictions and exemptions that may affect data subject rights
  •    Restrictions (Article 23)
  •    Exemptions (Schedule 2 - Parts 1 to 4 of DPA 18)

The role of supervisory authorities (SAs) (7.5%)

  •    Explain the role and importance of supervisory authorities.
  •    Explain the Role of the Information Commissioner’s Office (ICO) as the UK SA.
  •    Describe the Role of the European Data Protection Board (EDPB) (Articles 64, 65 & 70).

Breaches, Enforcement and Liability (12.5%)

  •    Explain what constitutes a personal data breach
  •    Explain when the obligation arises to report breaches of personal data (Articles 33 & 34)
  •    Explain how a data protection complaint arises (Article 57 (1)(f))
  •    Describe the sanctions that could be imposed because of a personal data breach or data protection complaint:
  •    Identify the role of tribunal and judicial courts

Processing of personal data in relation to children (2.5%)

  •    Explain how data protection legislation applies to children.

Specific provisions in data protection legislation of relevance to public authorities (7.5%)

  •    Define the meanings of public authority and public body and how it relates to both DPA 18 and the GDPR (Section 7 of DPA 18).
  •    Explain the provisions relating to Data Protection Officers (DPOs) for public authorities.
  •    Explain awareness of the existence of the exemptions for health social work and education (Schedule 3, DPA 18).

Privacy and Electronic Communications (EC Directive) Regulations (PECR) 2003 (5%)

  •    Explain the relationship between PECR and the GDPR, including PECR’s.
  •    Explain the status of PECR and the likely future development of this legislation.

Application of data protection legislation in key areas of industry (10%)

  •    Recognise the data protection implications of the Employment Practices Code.
  •    Describe how the use of CCTV (Data Protection Code of Practice for surveillance cameras and personal information) is governed by data protection law.
  •    Identify how the use of cookies and digital technologies is governed by data protection law
  •    Explain how data sharing practices are governed by data protection law
  •    Explain the exemptions for journalism and freedom of expression under data protection law

Exam Details

Type - Multiple choice

Number of questions – 40

Duration - 90 Minutes

Supervised - Yes

Open Book - No

Pass Mark – 26/40 (65%)

Career Advice
​Our experts offer valuable advice sharing their experience and insights which will enable you to make informed decisions throughout your career.
Our panel of industry experts proudly bring you the latest news and views, covering all our categories, to keep you well informed.
Cyber Security
A look at Cloud Computing, which has made communication during troubled times possible.
Read Blog
Cyber Security
Thinking about a career change? The cyber security market is expected to grow to £3.5 million in the next year.
Read Blog
Cyber Security
Cyber security has been a hot topic in both the media and the business world in the past year - here's why.
Read Blog
We're Trusted by
Hundreds of thousands of individuals, small businesses and large corporations continuously put their trust in e-Careers.​
We are proud to have trained individuals who work for some of the world’s largest companies, including:​
Trusted by Trusted by