The Information Commissioner has published two best practice guidelines, which make interested reading after the HMRC security breach. They concern the use of encryption and the security of personal information.
Arguably, all mobile devices, including laptops, that may contain personal data should now have some form of encryption to protect that data. Otherwise data controllers may not be compliying with the 7th Data Protection Principle.