November 20, 2019
REVENUE MEMORANDUM ORDER NO. 058-19
| SUBJECT | : | BIR Incident and Data Breach Response Plan |
| TO | : | All BIR Officials, Employees and Others Concerned |
In fulfilling its mandate, the Bureau of Internal Revenue collects, processes, and stores Personally Identifiable Information (PII) about taxpayers, employees, and other stakeholders. Under Republic Act No. 10173, known as the Data Privacy Act of 2012, all sensitive personal information maintained by the government, its agencies and instrumentalities shall be secured and safeguarded against any accidental loss or unlawful destruction, alteration, and disclosure, as well as against any other unlawful processing. AaCTcI
The importance of responding appropriately to incident or confirmed data breach is significant to secure BIR assets and data. Thus, the development of the BIR Incident and Data Breach Response Plan to provide guidance to all BIR officials and employees.
This Order shall take effect immediately.
(SGD.) CAESAR R. DULAY
Commissioner of Internal Revenue
ATTACHMENT
Incident and Data Breach Response Plan
Version 1.0
(November 20, 2019)
EXECUTIVE SUMMARY
The Bureau of Internal Revenue (BIR) upholds the protection of Personally Identifiable Information (PII) which the BIR collects,...
