Rule no. 1: Encrypt all data
Rule no. 2: Store key card in a different location, or on person, and/or include additional mandatory biometric unlocking.
Rule no. 3: Never leave laptop in car, unless for a short time while locked in vault.
Rule no. 4: Make sure that the documents are marked and traceable, in case the first lines of defense fail due to human error, and the computer's cache memory should be frequently flushed and scrubbed.
Not carrying more documents than immediately needed may help reduce the impact of a breach.
It would make sense to not store any data on the computer storage itself anyway (does it even have document storage?).
But that's unfortunately too late in this case.