BCS Foundation Certificate in Data Protection

The BCS Foundation Certificate in Data Protection will explore the application of current data protection laws, including the EU-GDPR, the UK-GDPR (although not included within the exam) and the UK Data Protection Act 2018.  

The qualification demonstrates a level of practical competence and knowledge obtained by those responsible for dealing with data protection in an organisation.

• Paperback BCS Data Protection and Compliance book released in November 2021 (sent to your preferred address prior to the course).
• 12-month BCS Professional membership.
• Sample papers to help you revise.
• BCS exam (to be taken when convenient to you). 
• Support for 1-month post-course on data protection related matters.
• Several useful tools, templates, audits, policies and more for you to use within your organisation. 
• An innovative risk model designed for you to assess data protection risks in your organisation.
• Opportunity to network with other data protection professionals.

The course takes 3 days to complete and will be held virtually.  

You will need access to Microsoft Teams throughout the course as all sessions will be held via Teams.

The course will start at 9:00 am and finish at 4:30 pm.

The BCS exam is included within the cost of the course. The exam is currently available online via remote proctor to be completed after the course at a time suitable for you.

The DPAS Training Manager will set you up on the dedicated BCS portal which is where you will book your exam. To access this you will be sent a one time link to the portal to complete your registration and then book your exam.

Although you can take your exam at any time that suits you, and there is no time limit on when you sit the exam, you will need to ensure that you are following the updated syllabus if you take it more than 6 months after the course.

You can carry out the exam at any location convenient to you. You will use your own device for the exam. The exam is a 1-hour closed book exam. The pass rate is 26/40 (65%). 

The BCS Foundation Certificate in Data Protection is designed for those who wish to acquire sound knowledge in the key elements of the law and its practical application.

This qualification is primarily aimed at those who need to understand data protection, and the GDPR, to do their job; or those whose effectiveness in their role would be enhanced by knowledge of the law in this area.

The aim of the syllabus is so delegates gain knowledge of UK data protection law, including the EU General Data Protection Regulation (GDPR) and the UK Data Protection Act 2018, along with an understanding of how they are applied in practice.

Day 1

• An in depth look at data protection in Europe through the years, and how it has evolved.
• The impact Brexit has had on the GDPR in Britain, and your responsibility in ensuring compliance with the changes.
• How you and your organisation can distinguish between the different types of data and how they should be processed. 
• Aid your understanding of the principles of data protection, and what they mean for you and your organisation.
• Look at the different lawful bases for processing personal data, and how and when they apply, including the added protection special category data has.

Day 2

• Who is accountable for data protection, and how and why you ensure governance and accountability are adhered to.
• The relationship between controllers and processors in the data protection journey, and the responsibilities of each.
• The relationship between controllers and third countries when transferring data, and the different ways in which to transfer that data.

Day 3

• Understanding the rights of the data subjects you deal with and whose data you are responsible for.
• The difference between the independent supervisory authority and the ICO, helping you understand the scope of their power and limitations.
• The consequences of breaches, what enforcement action can be taken, and any liability you or your organisation could face, and why.
• Privacy and Electronic Communications (EC Directive) Regulations (PECR) 2003 and what it covers.

Candidates will be able to demonstrate knowledge and understanding of key provisions of data protection legislation in the following areas:

• An introduction to the history of data protection in the U.K.

• Principles of data protection and applicable terminology

• Lawful bases for processing of personal data

• Governance and accountability of data protection within organisations

• Controller and processor obligations

• Transfers of personal data to third countries or international organisations

• Data subject rights

• Independent supervisory authority (ICO)

• Breaches, enforcement and liability

• Privacy and Electronic Communications (EC Directive) Regulations (PECR) 2003

You can download the syllabus on the BCS website by clicking here:

www.bcs/org/media/6518/data-protection-foundation-syllabus.pdf

This qualification is primarily aimed at those who need to have an understanding of data protection, and the GDPR in particular, to do their job; or those whose effectiveness in their role would be enhanced by knowledge of the law in this area.

The Foundation Certificate will also provide a stepping stone for those who have, or who will have, some responsibility for data protection within an organisation and who intend in due course to gain the BCS Practitioner Certificate in Data Protection.

This qualification is likely to be of particular benefit to those working in the following areas:

• Data protection and privacy

• Information governance, risk and compliance

• Data management

• Project management

• Directors/Senior managers with data protection responsibilities

• Legal and procurement

• Marketing and sales professionals

• Information security and IT

• Human resources

To provide a sound understanding of data protection and the GDPR by discussing the applicable articles and principles and, various scenarios, to show how and why the GDPR and DPA compliance are vital to both individual employees and companies in ensuring data subjects and their rights are protected.