The Information Commissioner's Office (ICO) now has the power to impose " substantial" fines on companies flouting data protection legislation in the UK.
The new powers come under the Criminal Justice and Immigration Act which has recently been given Royal Assent.
The Data Protection amendment was proposed by Liberal Democrat MPs while the Bill was being debated in the House of Commons, and the amendment has since been adopted by the government.
New powers will be applicable to any organisation which "deliberately" or " recklessly" commits a serious breach of the Data Protection Act.
The Act does not apply retrospectively. The ICO is currently waiting for notification from the Ministry of Justice as to when the Act will be effective.
"This new power will enable some of the worst breaches of the Data Protection Act to be punished," said David Smith, deputy Information Commissioner.
"By demonstrating that the law is being taken seriously, tougher sanctions will help to reassure individuals that data protection matters and give them confidence that organisations have no choice but to handle personal information properly."
Prosecution of breaches of the Data Protection Act will be limited to fines and will not be extended to jail sentences for company directors found to be responsible, said a spokesperson for the ICO.
Some parts of Atacama have not received rainfall for 500 years - but a sudden deluge of water upset the Desert's delicate biological balance
Spitzer Space Telescope could not spot Oumuamua, suggesting that it is actually pretty small
Greenland crater one of the 25 largest impact craters on Earth
This long-sought progenitor star was identified in an image captured by Hubble in 2007