I'm not an expert in privacy law, and I don't think I'm in a position, really, to direct you to which countries you ought to canvass.
In terms of data breaches, my understanding of data breaches is limited to those instances, say, when material or information is misused or is perhaps inadvertently subject to disclosure or is perhaps mishandled, and those sorts of things. As for any other breach of a policy or regulation, that requires the application of the policies we have for understanding and rectifying the root cause of the breach, assessing the seriousness of the breach, and taking action to fix it.