An official investigation following the loss discovered that Nationwide did not start its own investigation until three weeks after the event.
Jamie Cowper, EMEA marketing manager at data encryption firm PGP Corporation, said that the huge fine should serve as a warning to other companies not to play fast and loose with customer data.
He added that more must be done to protect customer information, particularly when it is stored on vulnerable portable devices such as laptops.
"The fact that Nationwide waited three weeks before even starting an investigation into the theft is a wake-up call to our culture of data complacency in the UK," said Cowper.
"The government should seriously consider adopting US-style data breach disclosure laws, where companies are compelled to act much sooner.
"And, of course, if more companies were using data security technologies such as encryption, laptop theft would quickly cease to be such a goldmine for criminals."
Microsoft comes up with a new way to foist its unloved and little used Edge web browser on people
Facebook suspends Cambridge Analytica following weekend claims that it illegally harvested information from 50 million users
Insider claims Cambridge Analytica used academic app to filch Facebook data of 50 million users
Is the Samsung Galaxy S9+ worth its high price?