'Recent incidents of data loss on a large scale by government agencies and companies reveal a structural problem, even in Europe.
At the level of the European Union people are working on a consistent approach. Recently in Brussels  a seminar was organised by the European Data Protection Service (EDPS), together with the European Network and Information Security Agency (ENISA). On this day, both the problem itself was explained, as well as how your company or organization should address such an incident. And also how all stakeholders (government, injured) had to be informed.
Ultimately the Commission is pursuing a generalization of the reporting in data loss. This should become part of a larger whole, with better data governance, greater accountability and better data protection. The goal of the seminar was therefore to gather more working data, best practices and such, with an eye on both a legal and technological framework. One principle is that those who benefit from the data also must take responsibility for the risk of losing data to minimize.
In any case The Commission will start up a major initiative on network and information security in 2010.