I imagine small police departments would prefer to get the system "running" and take it back to "their" geek. Like they say several times, if this machine is "logged on" the disk encryption is probably disabled. They want to dump it before the thing times out, assuming you walked away, and locks encryption back on. It sure sounds a lot easier to me to just bring a terabyte USB drive and let this machine dump to your unencrypted drive.
"XCOPY <i> <your drive> /S/H/E/R/C" on each drive will get most of it.
After you got all you could, reboot this with a hardware disk maintenance program to be sure you got all the partitions.
A real geek could still hide stuff out there but they probably won't find it anyway.
I am sure the NSA/FBI could eventually crack any encryption or data hiding scheme but if you are the Fumbuck Arkansas Sheriff department I doubt you would get much cooperation if you were trying to bust a guy who sold a pound of pot. It is a whole lot easier to just read and capture the data yourself.
