I don’t agree with you.
I had lot of doubt to build a system fully encrypted and how allow people to retrieve the data in case they lost the password.
I think that a staff password that is an universal key in your example would create more problem than benefits. That’s because the staff will be responsible for all the security of the information and could get problem in case of wrong use of the staff password.
Maybe we should see the problem from a different prospective. Why don’t use like in crypto wallet the 12 words that allow to recover your crypto tokens if you loose the password of your wallet?
In this case the system would be fully encrypted and staff would be not responsible for any leak of information avoiding all the problems.
If people want to get an encrypted system, they don’t want someone can access the data, even if it is the most trustable staff in the world.
In case I would suggest a component that encrypt but also generate 12 word (or the 3 QR codes) like are doing in most of the wallets.
That’s my opinion.