Perhaps. I would hope that anyone accessing confidential information on a phone with such flimsy security would understand the risks they're taking.

If not then I'd question what their IT department was doing not forcing a least PIN unlock on the phone.