Don Warner Saklad said:
> a) Forensics studies deal with how to retrieve "deleted" "unarchived"
> data. So called "deleted" data is actually available.
Computer forensics cannot always get the data back. Television crime shows
greatly exaggerate the capabilities of computer forensics. It depends on what
format the data was in, how the data was deleted, and what has happened on the
computer since it was deleted. Even in the cases where it is possible, it
requires taking the system offline (making it unavailable for other people to
use), requires specialized software, can take days of work, and often can
retrieve only part of the data. This is not feasible in a working database
like your library network.
> b) Setup the system not to delete records belonging to users. Let users keep
> their information saved for followup. Or at the very least notify users
> beforehand.
Millennium cannot do that. The only internal mechanism in Millennium to
prevent records from being deleted is by controlling who can perform deletions.
There is no mechanism in Millennium to notify either the person deleting or
the owner of a review file that a record being deleted is in a review file. It
is not feasible for someone deleting records to manually check every review
file to see whether a record is in one of them.
The only way to control deletions is by careful training, limiting who can
delete data, and establishing policies on when and how data are deleted. This
is something between you and the consortium, but it sounds like Minuteman has
established policies and is following them.
Steve McDonald
steve.mcdon...@tufts.edu
