You screw up like this in my department and it's an automatic firing. Also depending on the gravity of the screw up, there may be criminal prosecution (that's in the law governing my department). Security of information is pretty much the "prime directive" and there are no excuses.
I never understood how in hell confidential data ends up on USB keys, portable hard drives or laptops that can be taken off the premises. How many stories like this have we seen in the past few years, from governments, insurance companies, credit card companies etc? And of course most of the time the data isn't even encrypted.