What conformance level should a healthcare site target?

WCAG 2.2 Level AA is the consensus target for legal compliance and the level referenced by virtually every national accessibility law.

What does HHS Section 1557 require for accessibility?

The May 2024 final rule requires entities receiving federal financial assistance from HHS — virtually all hospitals, clinics, and insurers — to conform to WCAG 2.1 AA for web content, mobile apps, and kiosks. Compliance deadlines stagger from May 2025 through May 2027 based on entity size.

Can a healthcare site use an accessibility widget?

Widgets are problematic in healthcare for two reasons: (1) WCAG conformance must be at source level, not via overlay; (2) HIPAA-covered information transmitted to a third-party overlay vendor may itself create a breach. Most healthcare CISOs disallow third-party overlay widgets.

Does WCAG 2.1 cover telehealth video?

Yes — Criterion 1.2.4 requires real-time captions for live audio content, which includes telehealth visits. 1.2.6 (Sign Language, AAA) is recommended for healthcare emergency content.

What conformance level should a healthcare site target?

WCAG 2.2 Level AA is the consensus target for legal compliance and the level referenced by virtually every national accessibility law.

What does HHS Section 1557 require for accessibility?

The May 2024 final rule requires entities receiving federal financial assistance from HHS — virtually all hospitals, clinics, and insurers — to conform to WCAG 2.1 AA for web content, mobile apps, and kiosks. Compliance deadlines stagger from May 2025 through May 2027 based on entity size.

Can a healthcare site use an accessibility widget?

Widgets are problematic in healthcare for two reasons: (1) WCAG conformance must be at source level, not via overlay; (2) HIPAA-covered information transmitted to a third-party overlay vendor may itself create a breach. Most healthcare CISOs disallow third-party overlay widgets.

Does WCAG 2.1 cover telehealth video?

Yes — Criterion 1.2.4 requires real-time captions for live audio content, which includes telehealth visits. 1.2.6 (Sign Language, AAA) is recommended for healthcare emergency content.

guide

Section 508 for healthcare: requirements, priorities, and audit checklist

Section 508 compliance for healthcare sites requires applying Section 508 of the Rehabilitation Act to the specific failure points typical of the healthcare industry — including patient portal logins without screen-reader-accessible mfa, telehealth video without captions or sign-language interpreter integration, symptom checkers built as inaccessible single-page apps.

Devansh Bhatia · IAAP CPACC · 5 years accessibility engineer3 min readPublished November 1, 2025· Updated May 10, 2026

Does Section 508 apply to healthcare sites?

Section 508 of the Rehabilitation Act requires US federal agencies, federal contractors, and recipients of federal funds to make their information and communications technology (ICT) accessible to people with disabilities, with conformance benchmarked against WCAG 2.0 Level AA via the 2017 Refresh.

Healthcare accessibility — the lay of the land

HHS's May 2024 final rule under Section 1557 explicitly requires healthcare entities receiving federal funding to conform to WCAG 2.1 AA for web content, mobile apps, and kiosks. Compounding this, HIPAA places privacy constraints on accessibility solutions (overlays cannot legally re-transmit patient health information).

Where Section 508 bites hardest in healthcare sites

• Patient portal logins without screen-reader-accessible MFA

• Telehealth video without captions or sign-language interpreter integration

• Symptom checkers built as inaccessible single-page apps

• PDF clinical forms not tagged for accessibility

• Appointment scheduling calendars unusable by keyboard

Remediation priorities

• Patient-portal login and account management

• Appointment scheduling and telehealth flows

• Clinical content (medication info, treatment guides)

• Provider directories and search

• Insurance forms and benefits explanations

How to comply with Section 508 on a Healthcare site

1. Complete a VPAT/ACR: Use the latest VPAT 2.5 template (or 2.5INT for international). Document conformance to WCAG 2.0 AA per chapter 5 of Section 508.

2. Test against WCAG 2.0 AA: Combined automated + manual + assistive-technology testing. AT-required: NVDA, JAWS, VoiceOver, ZoomText.

3. Cover all 508 surfaces: Web (chapter 5), software (chapter 4), hardware (chapter 4), and documentation/support.

4. Update annually: Federal contracts require current VPATs. Re-test after any significant product change.

Sources

Section508.gov — GSA
Section 508 Standards (ICT Refresh) — US Access Board
HHS Section 1557 Final Rule (Web Accessibility) — US HHS Office for Civil Rights

FAQ

Frequently asked questions

Cited answers. Sourced. Updated as standards and case law change.

Does Section 508 apply to healthcare websites?
Section 508 of the Rehabilitation Act requires US federal agencies, federal contractors, and recipients of federal funds to make their information and communications technology (ICT) accessible to people with disabilities, with conformance benchmarked against WCAG 2.0 Level AA via the 2017 Refresh.
What are the most common Section 508 failures in healthcare sites?
Patient portal logins without screen-reader-accessible MFA Telehealth video without captions or sign-language interpreter integration Symptom checkers built as inaccessible single-page apps
What conformance level should a healthcare site target?
WCAG 2.2 Level AA is the consensus target for legal compliance and the level referenced by virtually every national accessibility law.
What does HHS Section 1557 require for accessibility?
The May 2024 final rule requires entities receiving federal financial assistance from HHS — virtually all hospitals, clinics, and insurers — to conform to WCAG 2.1 AA for web content, mobile apps, and kiosks. Compliance deadlines stagger from May 2025 through May 2027 based on entity size.
Can a healthcare site use an accessibility widget?
Widgets are problematic in healthcare for two reasons: (1) WCAG conformance must be at source level, not via overlay; (2) HIPAA-covered information transmitted to a third-party overlay vendor may itself create a breach. Most healthcare CISOs disallow third-party overlay widgets.
Does WCAG 2.1 cover telehealth video?
Yes — Criterion 1.2.4 requires real-time captions for live audio content, which includes telehealth visits. 1.2.6 (Sign Language, AAA) is recommended for healthcare emergency content.

Stop guessing. Get the audit a Fortune 500 a11y team would have written.

Free audit on your live URL. No sign-up. IAAP-format report. Ready in hours.

Run a free audit Book a demo

founders@accessivepath.com · +977 9851094056

Section 508 for healthcare: requirements, priorities, and audit checklist

Does Section 508 apply to healthcare sites?

Healthcare accessibility — the lay of the land

Where Section 508 bites hardest in healthcare sites

Remediation priorities

How to comply with Section 508 on a Healthcare site

Sources

Frequently asked questions

Does Section 508 apply to healthcare websites?

What are the most common Section 508 failures in healthcare sites?

What conformance level should a healthcare site target?

What does HHS Section 1557 require for accessibility?

Can a healthcare site use an accessibility widget?

Does WCAG 2.1 cover telehealth video?

Stop guessing. Get the audit a Fortune 500 a11y team would have written.