BCS Practitioner Certificate in Data Protection

Delivered on-line or face to face

The BCS Practitioner Certificate in Data Protection is designed for candidates with some existing data protection responsibilities, wishing to gain a broader understanding of current laws, including the General Data Protection Regulation (GDPR) and the Data Protection Act 2018.

Level - SFIA Level 3

This course is intended for people who have existing responsibilities in data protection and have a basic understanding of relevant legislation.  For the BCS Practitioner Certificate in Data Protection syllabus please click here.

Course Dates

On-line courses will be scheduled throughout the year and are taught on a modular basis.  This qualification is made up of 10 half day modules plus assessment.


From £2,250 (including assessment).  All prices are subject to VAT.  Click here to see what’s included in the price.

BCS data protection certificate


Tkm Course Listing

Course TitleDateLocationPrice
BCS Practitioner Certificate in Data Protection21, 22, 28, & 29 Sep & 5 Oct 21On-line - 5 days£2,250 + VAT

3 places available



If you would like to join a specific module on-line, please make a note of the code for the booking form.

Each on-line module takes half a day, which can include work to be completed either before or after any on-line sessions.


Your content goes here. Edit or remove this text inline or in the module Content settings. You can also style every aspect of this content in the module Design settings and even apply custom CSS to this text in the module Advanced settings.

Module 1 – The Context of Data Protection and the ICO (BCSP1)
  • The context of data protection
  • Scope of the General Data Protection Regulation
  • The role of the ICO
  • Offences
  • Introduction to the European Data Protection Board
Module 2 – Definitions and an Introduction to the Data Protection Principles (BCSP2)
  • Definitions
  • Special categories of personal data and criminal offence data
  • An introduction to data protection principles
Module 3 - Principles in Practice, Lawful Bases and Conditions for Processing Special Categories of Personal Data (BCSP3)
  • Practical implementation of the data protection principles
  • Lawfulness of processing 
  • Conditions for processing special categories of personal data
  • Consent
Module 4 – Rights of Data Subjects (BCSP4)
  • Transparent information, communication and modalities for the exercise of the rights of the data subject
  • Provision of information
  • Other rights of Data Subjects
  • Available remedies
Module 5 – Responsibilities of Controllers and Processors including Information Security, Data Protection Officers and Transfers (BCSP5)
  • Responsibilities of controllers
  • Responsibilities of processors
  • Information security
  • Requirements for Data Protection Officers, DPIAs and breach reporting
  • Transfer of personal data to third countries or international organisations.

Note that some of the responsibilities for controllers are also covered in other modules.

Module 6 – The Application of Exemptions (BCSP6)
  • Crime and taxation
  • Information required to be disclosed by law or in connection with legal proceedings
  • Protection of the rights of others
  • Legal professional privilege
  • Management forecasts
  • Negotiations
  • Confidential references
  • Special purposes
  • National security


Module 7 – PECR and other Associated Legislation (BCSP7)
  • Privacy and Electronic Communication Regulations
  • Other associated legislation
Module 8 – Interpretation and Practical Application of the Legislation – Codes of Practice (BCSP8)
  • Managing employees
  • Monitoring (using surveillance cameras as a working example). This part will also reference the Surveillance Camera Code of Practice and the role of the Surveillance Camera Commissioner
  • Information sharing and appropriate safeguards for transferring information to a third party
Module 9 - Other roles of the ICO, the role of the tribunal and judicial courts, territorial scope and the role of the EDPB (BCSP9)
  • Other roles of the ICO
  • The Role of the tribunal and judicial courts
  • The role of the EDPB
Module 10 - Other Relevant Legislation, Application of Legislation and Liabilities (BCSP10)
  • Other legislation
  • Age Appropriate Desing Code
  • The application of data protection legislation to cookies and digital technologies
  • Liabilities
*BCS Practitioner Certificate in Data Protection - Revision and Exam (BCSP12)
  • A 1-2-1  revision session (1 hour)
  • Practice questions with answers
  • Exam

Please note prices for this module are different from those above and provided on request.


Learning Outcomes & Course Information

Gain an understanding of the key changes and the associated implications that the GDPR and the UK Data Protection Act 2018 introduce to data protection

Gain an understanding of individual and organisational responsibilities under the GDPR and the UK Data Protection Act, particularly the need for effective record keeping.

Be able to apply the new rights available to data subjects and understand the implications of those rights

Be able to prepare organisations to manage and handle personal data in compliance with the GDPR and the UK Data Protection Act

Be able to demonstrate an understanding of the designation, position and role / tasks of a data protection officer

Course materials

Course materials are included in the cost of either the module or full course and are provided in hard copy. 

Please note that if you purchase the course by individual modules the assessment must be purchased separately.

What's included in the price?

When you pay for the course in full the price includes:

  • 10 half day modules
  • Printed course materials
  • A course handbook
  • A one hour 1-2-1 session for revision
  • An on-line assessment with the BCS.

Course information

The BCS Practitioner Certificate in Data Protection is 40 hours of study and the syllabus is available here.

Discount available for IRMS members

Please contact us for details.

This is an intensive learning course

Please note that some prior understanding of data protection law is required to maximise the benefit of completing this course.


The assessment for this qualification is usually run approximately 4 weeks after a course for face to face delivery, or arranged by candidates using the BCS’s proctoring service for on-line courses.

Book A Course Today!

See our training courses page for scheduled courses.  If you need any help deciding which course if for you, please contact us.

View All Courses