Under the new provision, EU can impose fine up to 2% of global annual turnover of a company for not complying.
The European Parliament has backed a proposal to reform the data protection rules, with 621 votes in favour, 10 against and 22 abstentations.
Under the new rules, changes will ensure people have more control over what happens to their personal data, and make it easier for businesses to operate within the EU.
The proposals include a right to be forgotten, which would allow citizens to erase their data from companies’ computer systems and the right to data portability, which would allow citizens to relocate their personal data between service providers.
The proposals would also allow businesses and organisations to seek permission from individuals prior to accessing their data and install data protection safeguards in their products and services from the initial development stage.
EU Justice Commissioner Viviane Reding said: "Europe’s directly elected parliamentarians have listened to European citizens and European businesses and, with this vote, have made clear that we need a uniform and strong European data protection law, which will make life easier for business and strengthen the protection of our citizens.
"Data Protection is made in Europe. Strong data protection rules must be Europe’s trade mark. Following the U.S. data spying scandals, data protection is more than ever a competitive advantage.
"Today’s vote is the strongest signal that it is time to deliver this reform for our citizens and our businesses."
The reform could help the digital single market realise the value of individuals’ personal data, which is anticipated to reach €1 trillion per by 2020.
European Consumer Organisation (BEUC) director general Monique Goyens said: "Most people are entirely unaware that their rights are being violated when online due to what are now everyday business practises.
"Those who are aware have negligible ability to control how this data on their daily lives, buying behaviour, social media use, political views, hobbies, financial data and health records is collected and processed.
"That awareness and control need to be handed back."
Pressing the importance of personal data protection as established fundamental right in Europe, Goyens added that it must not be influenced by the commercial acquisition, processing, retention and sale of personal data, apart from where it crops up.
"MEPs have dealt with the matter seriously and have voted for legal protections which are robust and appropriate," Goyens said.
"The challenge now is to ensure the substantial amount of work is not unravelled by national government representatives in the Council or in the face of transatlantic pressure."