Australian companies failing to protect their customer's data will face tougher financial penalties when new privacy laws come into effect.
Federal parliament passed the laws on Monday which will significantly increase penalties for repeated or serious privacy breaches.
The maximum penalty for companies will be increased from a $2.2 million fine to one of three options.
Either a $50 million penalty, three times the value of any benefit from illegally obtained data or 30 per cent of a company's adjusted turnover will apply, depending on whichever option is the greatest cost.
The laws follow the high-profile hacks of customer data at Optus and Medibank.
Attorney-General Mark Dreyfus said the new penalties sent a clear message to companies to ensure they protect data collected from their customers or face the consequences.
"Significant privacy breaches in recent months have shown existing safeguards are outdated and inadequate," he said.
"These reforms make clear to companies that the penalty for a major data breach can no longer be regarded as the cost of doing business."
The laws also give greater powers to the Australian Information Commissioner to resolve privacy breaches and quickly share information about breaches with customers.
