Strictly speaking, to prevent HTML injection, you need only encode < as <.
If user input is going to be put in an attribute, also encode " as ".
If you’re doing things right and using properly quoted attributes, you don’t need to worry about >. However, if you’re not certain of this you should encode it just for peace of mind – it won’t do any harm.