Personally, after hearing what your wife was actually facing in terms of “restoring from scratch” (the depth of which was not entirely clear before now), I would’ve been testing all those backups available in Time Machine.
I would’ve dropped back 6-12 months, and if that worked, moved forward until it didn’t; dropping back as far as needed until I salvaged as much as possible as a starting point. Of course, not everyone has very old clones and deep TM archives, but if you’re facing that kind of data loss, you obviously should.
For those categories that were too incomplete to effectively rebuild from that point, turning to iCloud or Backup Extractor would’ve readily filled the gaps; e.g., Notes is something that could’ve been fully retrieved with the click of a button, quite probably even if the rest of the backup were corrupt (I can’t fully guarantee that claim since I don’t have your corrupt backup to test and Notes might well be something that is corrupted).
I can’t count the number of times we’ve had to drop back to clones that were many months old or older, in order to find an uncorrupted version of a particular file set. But we didn’t curse ourselves or Apple or Microsoft or the third party software vendor for corrupting said files in the first place; it happens. Period. It usually happens because of a disk damage or file system corruption on the source in need of repair. Disk/file corruption happens with any vendor.
Which brings us around to a critical part of any backup chain (which you’ve alluded to but not completely stressed as the bottom line here): your only valid backups are those you’ve fully tested.
IT managers get paid a lot of money because they design and build complex, testable backup strategies. In past lives managing this sort of thing, in mission critical deployments, we regularly restored working systems from the last backups, just to make sure they actually worked, and, if not, play the drop back game as described above; then do the deep dive to find the source of corruption. Validated backups are marked and preserved both on and offsite.
It’s horrifically time consuming, and nothing the average user, small or medium sized business is ever going to do.
I have mixed reactions to you and your wife cursing Apple for this event; your overall frustration is understandable, but if you really think this doesn’t and wouldn’t happen to you on Android, you’re dreaming. If anything, it’s far more likely to happen, given that most phone vendors have their own backup systems or simply rely on people using Google’s cloud services; and if your wife is so paranoid (whether or not that is justified by the degree of sensitivity of data or not) about using iCloud, good luck not using Google for many aspects of an Android experience.
Regardless, I’m truly sorry you had to go through all of this, and my empathy and sympathies to your wife in particular for having to suffer the horrible pain of rebuilding. It sounds like her phone is vastly more complex than the average user, and a higher level of mission critical care is on the agenda.
To that end, you imply, but don’t explicitly state that you will now be doing multiple backups to iTunes, preferably on different computers; but even creating a second user account on the same machine is better than not. iMazing is another option. Of course, if the iPhone is the source of corruption, all backups will (likely) be bad (from the point of corruption), but that’s when you fall back to TM and clone archives.
As an aside, as our iPhones and their respective backups get bigger, Apple is, at the same time, making Mac disk space smaller and vastly more expensive. Making multiple backups of iPhones and iPads as fat as 256GB and 512GB and more in the future gets more and more and more challenging, chewing up gobs of (hidden to the user) internal disk space.
Indeed, the average user has no idea how to map a User account to an external drive, let alone how to map just the iTunes Mobile Backups folder; for those new Mac owners opting for the smallest drive per their budget, they are shooting themselves in the foot by not considering their peripheral device backup needs. Even if they are content to buy a fat spinning external disk, they need a Mac guru to actually make it useable – and in many cases, still portable.
iCloud offers a ready solution to this problem, but the lack of encryption makes it a nonstarter for a LOT of people. With the current resistance from Apple, the FBI, NSA, et al, I don’t see encrypted iCloud backups happening any time soon. I’d love to be wrong.