"Backups are an operational tool that allows for recovery in a disaster. As such, there should be no need to keep backups for longer than you would need to recover from in such a disaster... say a month or two."

You'd think so, but we get a constant trickle of people asking to restore a file they realise has been deleted and find that it went away a year ago, or need to go back to an old dataset for some reason.

None of this is PII stuff, but it raises another problem in many backup environments where policy is set to avoid backing up PII, but users do stupid things and PII data gets placed in the areas which _are_ being backed up.

The counterpoint to this is when non-PII/personal data (such as statistical data or source code) is placed in personal space and someone else needs to access it long after the person in question has left. Not enough organisations have procedures in place to ensure that "business" data is not locked away or lost in this manner.

