April 2, 2025

Springing into Action: Bringing Research Compliance and Safety to the Next Level

april 2024 changelog image all things governance
April 2, 2025

As the flowers bloom and the days grow longer (finally!), we've been busy 🐝s here at Rally. Over the month of March, we made it our mission to enhance compliance, governance, and safety in our platform. New custom governance rules, PII/PHI masking, and updated property and privacy settings are designed to keep your research endeavours safe, compliant, and smooth.

Take a look at our freshest additions: 

TLDR: Watch this recap video

Custom governance rules 

Take protecting your participants to the next level with custom governance rules. Easily create and store custom rules to put participants in a cooldown or mark them as ‘Do Not Contact’ (Blocklist).

You may want to add a custom governance rule to…

👉Add a longer cooldown period for participants in specific panels.

👉Mark any participants from specific domains as ‘Do Not Contact’.

👉Mark participants that hit an annual incentive limit as not contactable for a period of time

👉Mark participants who are up for contract renewal in the next 30 days and have a red customer health score from Salesforce as ‘Do Not Contact’, until they are in a good state again.

👉Add a cooldown period for participants who have recently been contacted by Marketing (via Salesforce or Snowflake integration). 

👉Mark participants as ‘Do Not Contact’ who agree that pineapples should go on pizza (who wants to do research with someone like that anyway? 😉).

In addition to Custom Governance Rules, we’ve also added the ability to put selected participants in a cooldown manually. This is helpful if the participant was contacted outside of Rally, causing any governance rules to not be applied. 

Track all of this and more in the Governance Activity Feed in all Person profiles. The Governance Activity Feed shows you when the participant’s contact status changed, what it changed to, and why.

Read the support doc here. 

Mask participant health information and identifiable information (PHI and PII) 

Protect participant health information by marking any property in Rally as PII (Personally Identifiable Information) or PHI (Protected Health Information). 

Safely sync contacts via our integrations with Snowflake and Salesforce. All participant emails and properties marked as PII and PHI are automatically masked for Observers.

Read the support doc here. 

We are in compliance with the HIPAA Security Rule for properties marked as PHI — that is, we have audit logs for when these properties are read, updated, and deleted. 

Did someone say HIPAA Compliance? 👀 Be sure to subscribe to our newsletter for the official announcement!

Book interviews in the past, present, and future 🔮

You may recall that last month, we added some 🔥 updates to interview booking management, including sending a custom email to a participant, requesting a reschedule, updating interview status, and viewing interview updates in the new Interview Activity Feed. 

Well, we’re back for more. This month, we released Manual Interview Bookings, allowing you to: 

  • Manually book an interview for a participant without them needing to schedule it themselves. 
  • Book an interview while bypassing host availability, interview limits, & other scheduling restrictions created in the study. 
  • Log historical interview(s) that happened in the past, or outside of Rally, so that a participant’s history stays up to date.

Map participants in Rally with Unique Properties

Unique Properties allow you to identify and engage with participants using customizable unique identifiers (properties), reducing reliance on email addresses and unlocking untapped participants for research.


In order to add people to your Rally database, you needed their email address. This made it tough to bring participants into Rally using customer IDs for example, or do recruitment outside of email through in-app messages or in-app inboxes.


  • Pull participants into Rally from data sources via integrations (Snowflake, Salesforce) or uploading a list (Amplitude, HubSpot, etc.) and map unique properties directly into Rally. 
  • Unlike email addresses, which may change or be unavailable, you can assign any property in Rally as ‘unique,’ such as usernames, IDs, or any other identifier.
  • Rally flags duplicates of unique participant properties to maintain data integrity.

Read the support doc here.

Microsoft Teams Integration! 

We are excited to release our latest video conferencing integration that allows teams to conduct interviews in Microsoft Teams. Plus, add Observer Rooms into Microsoft Teams interviews and invite team members to livestream user interviews without distracting the participant. Learn more by checking out our Integrations page.

New Observer Room privacy settings

Based on your feedback, we rolled out new security features for Observer Rooms to enhance control and privacy in your workspace:

🫙Storage Settings: Super admins can now configure storage durations for all Observer Room data. By default, Rally stores all Observer Room data for a maximum of 1 year. 

🪟Access Settings: Choose who can access Observer Rooms, with options for link-only access, password protection, or restricted access to Rally users only.

🎥Recording Download Control: Manage who can download past recordings, whether it's study owners or super admins only.

Visit Observer Rooms in Rally’s Settings to configure these options. Read the support doc here.

Improvements and Fixes
  • When participants complete a study via our UserTesting integration, their status automatically updates without them having to click “complete.”
  • Find studies more easily by filtering them by Status, Owner, or Language.
  • Find properties in ‘Settings’ more easily by filtering them by Type or Creator
  • All user data from Rally’s sub-processors is automatically deleted whenever it's hard deleted in Rally.