GDPR and Rustici Software Products

We’ve added new features to our products to ensure that our software solutions help our customers comply with the General Data Protection Regulation (GDPR)-related requests.


SCORM Cloud now includes the ability to delete learner data. How you use SCORM Cloud will determine how you are able to use this tool.

Invitation users

Our interface allows you to delete a learner’s data from SCORM Cloud. This feature will allow you to delete all data that you have tracked regarding that learner. This includes:

  • Name
  • Email Address
  • Quiz & Assessment Data
  • xAPI Statements

Learn how to delete user data using the application.

Dispatch users

Due to the recent requirements of GDPR, we have enabled a new feature for SCORM Cloud Dispatch users. You can now choose to make all user names and IDs obfuscated in the database and in all reports with a one-way hash. We have also added the ability to have a privacy policy optionally displayed at the bottom of the SCORM Player window.

Learn more about the PII blocker in Dispatch.

SCORM Cloud API users

If you are using the SCORM Cloud API, you’ll find a new API has been added that makes the same delete operations available. Via the API, you can identify a learner ID (or xAPI Actor) and request SCORM Cloud delete all data about that learner from our system.

Learn how to delete user data via the API.

SCORM Engine

The ability to delete learner data via new API calls is also available within SCORM Engine. Your development team can request, via the API, that learner information be deleted from the SCORM Engine’s database tables.

In the most likely scenario, you’ll want to make this functionality available to some privileged users through your own administration user interface; that’s what the Engine API is intended to enable.

We released this API enhancement as an Engine 2017.1 maintenance release. Additionally, we’ll be introducing a user interface for performing the same ‘learner delete’ operations as part of our Rustici Engine 2018.1 release. You can follow this forum to be notified when new Engine releases are available.

Long-term, you’ll definitely need to upgrade your Engine version; however, we recognize that some customers may be unable to perform an upgrade of their system quickly. We encourage you to reach out to our support team if you receive any requests before you’ve completed your upgrade and we will assist you with creating database queries that will allow you to manually delete a learner’s data from the Rustici Engine database for your particular Engine version.

Dispatch and Content Controller

Whether you use our Dispatch functionality inside SCORM Cloud, the integrated Dispatch application or Content Controller, you can accommodate your customers GDPR concerns while still managing your content versions and licenses in a single place.

Based on collaboration with some of our customers, we’ve added the ability for our customers to make sure they aren’t tracking personal data for training when utilizing Dispatch or Content Controller to launch training through other LMSs. Customers now have the ability to enable one-way hashing of learner identifying data captured through various learning standards. When this option is enabled Learner Identifiers and Learner Names will be hashed (SHA-256) in the learner’s browser before that data is transmitted to the application providing the dispatch package.

We’ve also added the ability for Rustici Engine and Content Controller customers to have a privacy policy optionally displayed at the bottom of the SCORM Player window.

The latest release of Content Controller now includes this option. Contact us to get started with the latest release. SCORM Cloud Dispatch and the Dispatch option within SCORM Engine are coming soon. Follow the latest updates in our Support Forum for news on when this feature will be available in those applications.

Learn more about PII data in Content Controller.

Learn more about PII data in Rustici Dispatch.

Still have questions about how we can support your GDPR efforts?

If you have more questions about how these features work how you use them please be in touch. If you believe you need a Rustici Software Data Processor Agreement (DPA) please contact us at