Encryption is an easy win for aspects of GDPR compliance

A stolen laptop with encryption software would count as a physical loss, not a data one.