Section 508 Compliance
- Section 508 is a U.S. federal law requiring accessible information and communication technology (ICT)
- It applies to federal agencies, contractors, and organizations receiving federal funding
- Covers websites, software, documents, hardware, and other digital systems used by the government
- Compliance is based on WCAG 2.0 (ICT Refresh), requires ongoing maintenance, and is demonstrated through audits and VPATs
On This Page
Getting Started with Section 508 Digital Accessibility
What is Section 508?
Section 508 is a part of the Rehabilitation Act that requires federal agencies to make their information and communication technology (ICT) accessible to people with disabilities. Its purpose is to ensure that individuals can independently access and use digital systems, content, and technologies used by the federal government. This ensures that people with disabilities have equal access to government information and services delivered through digital systems.
Section 508 applies to a wide range of ICT, including websites, software, electronic documents, and hardware. Section 508’s accessibility requirements are integrated into how federal agencies develop, procure, maintain, and use technology, making accessibility a core part of how digital experiences are delivered.
Meeting these requirements is the foundation of Section 508 compliance.
What is Section 508 compliance?
At the highest level, Section 508 compliance means meeting the requirements of the Section 508 ICT Accessibility Standards. These standards provide accessibility requirements for websites, software, documents, and hardware used or procured by federal agencies and the organizations that support them.
Compliance is measured by conformance with the Section 508 ICT Accessibility Standards . For most digital content and applications, this includes meeting WCAG 2.0 Level A and AA success criteria. However, compliance is not limited to technical conformance alone. It depends on how effectively users with disabilities can access content, navigate systems, and complete tasks using assistive technologies such as screen readers and magnifiers.
Achieving and sustaining Section 508 accessibility can be challenging, particularly across large or complex digital environments. Even organizations with strong intentions can struggle to maintain accessibility over time if it is not integrated into how they design, develop, procure, and monitor ICT. As a result, many organizations begin with an accessibility audit to evaluate their current state and identify gaps.
If accessibility falls short, organizations risk failing to meet procurement requirements, limiting their ability to work with federal agencies, and exposing themselves to compliance and reputational risks.
Who must comply with Section 508?
If you develop, procure, maintain, or use information and communication technology (ICT) for the U.S. federal government, Section 508 compliance applies to your organization. This includes federal agencies as well as contractors, vendors, and partners that provide products, services, or digital experiences used by those agencies.
Section 508 requirements also extend to organizations that receive federal funding, including state and local governments, educational institutions, and other entities expected to deliver accessible digital resources. In practice, any organization involved in creating or supplying ICT for federal use must ensure that its products and services meet Section 508 accessibility standards.
Organizations that support federal agencies—whether directly or through procurement—should assume that Section 508 compliance applies and take steps to understand how to meet these requirements.
What Section 508 covers
To meet Section 508 compliance requirements, organizations must ensure the information and communication technology (ICT) they develop, procure, maintain, or use, including self-service, is accessible across a range of digital and physical touchpoints, including websites, software, documents, hardware, and self-service technologies. Section 508 covers the technologies and systems people rely on to access information and complete tasks.
- Websites and web applications
- Software and mobile applications
- Electronic documents
- Hardware
- Telecommunications and communication systems
Section 508 accessibility applies across the full range of technologies used to deliver digital experiences, making accessibility a requirement throughout the lifecycle of ICT.
The Section 508 technical standard
Section 508 defines what must be achieved in terms of accessibility, but its technical requirements are established through the Section 508 ICT Refresh, which adopts by reference WCAG 2.0 Level A and AA success criteria along with additional requirements for specific types of ICT. This update created a consistent framework for evaluating accessibility across websites, software, documents, and other information and communication technology (ICT).
However, the Section 508 ICT Refresh has not been updated since 2017. As a result, its requirements are now out of date compared to more recent standards, including WCAG 2.2 and regulatory updates such as ADA Title II. Organizations should be aware that meeting Section 508 requirements may not fully align with current accessibility expectations or best practices.
Meeting Section 508 compliance requirements means conforming to each applicable requirement for covered ICT. Where an ICT can’t meet specific technical requirements, the Section 508 standards set out additional functional performance criteria that must be met, each relating to meeting user needs of specific disability groups. The Section 508 accessibility standards allow organizations to apply a consistent, testable approach to Section 508 compliance across digital systems and user experiences.
Section 508 vs ADA vs WCAG
Section 508, the Americans with Disabilities Act (ADA), and the Web Content Accessibility Guidelines (WCAG) all play a role in digital accessibility, but they serve different purposes.
Section 508 is a U.S. federal law that requires federal agencies and the organizations that work with them to meet specific accessibility requirements for information and communication technology. It is primarily enforced through procurement and federal compliance obligations.
The ADA is a broader civil rights law that prohibits discrimination based on disability across public and private sectors. It complements Section 508 by applying to private entities and state and local governments. In some cases, the ADA defines specific technical standards that organizations must meet, and more broadly, it is widely interpreted to require accessible digital experiences.
WCAG provides a de facto global standard used for digital accessibility requirements. Section 508 accessibility standards adopt WCAG 2.0 Level A and AA success criteria, making WCAG the foundation for meeting Section 508 requirements in practice for websites, documents, and software.
Section 508 vs EN 301 549
Section 508 and EN 301 549 are accessibility standards used in different regulatory environments but share a common foundation. Section 508 is the U.S. federal accessibility standard that applies to agencies and organizations working with the federal government, while EN 301 549 is the European standard used to meet accessibility requirements under the European Accessibility Act (EAA).
Both standards were created in a way that harmonizes requirements, including adopting WCAG, providing a consistent framework for implementing accessible digital experiences across websites, software, documents, and other information and communication technology, in the United States and Europe. However, recent updates to EN 301 549 mean its accessibility requirements have evolved and are no longer so tightly aligned with Section 508.
What are the Section 508 requirements?
Section 508 requirements focus on ensuring that information and communication technology (ICT) is accessible, usable, and functional for people with disabilities in real-world scenarios.
General requirements
Section 508’s general requirements apply to all covered information and communication technology (ICT) that is procured, developed, maintained, or used by federal agencies. These requirements include the following basic principles:
ICT must be accessible to and usable by people with disabilities, including supporting or providing assistive technology as needed, and meet applicable technical accessibility requirements for digital content, hardware, and software.
Where technical requirements can’t be met for specific functionality, ICTs should meet key functional performance criteria, which are defined as meeting a range of user needs, such as use without vision and use without hearing. In other words, there should be an alternative way for people with disabilities to access and use functionality.
When federal agencies can’t identify an ICT that meets all requirements, they must choose the ICT that provides the best support for people with disabilities, considering the tasks the ICT is intended to support.
Technical requirements
Web content, software, and digital documents must conform to WCAG 2.0 Level A and Level AA success criteria, with minor exceptions for software and documents, and be compatible for use with assistive technology. Conformance must include all steps in a process to complete an activity supported by an ICT.
Hardware must meet specific accessibility requirements, including providing speech output, preserving privacy when using accessibility features, ensuring operable parts can be used by people with limited vision or mobility, and offering alternatives for audio output.
Support and documentation
Documentation for ICTs must describe accessibility features and be provided in an accessible format. Where ICTs have support services such as call centers, they must provide information about the ICT’s accessibility and be available in accessible formats.
How to comply with Section 508
Meeting Section 508 compliance requirements takes a combination of accessibility expertise, structured processes, and ongoing commitment. Organizations must ensure that their information and communication technology (ICT) is accessible in practice, not just in theory.
Identify in-scope systems
Determine which websites, software, documents, and other ICT fall under Section 508 requirements, including systems developed, procured, or maintained for federal use.
Conduct an accessibility audit
Evaluate your ICT against applicable Section 508 accessibility requirements to identify gaps and establish a baseline for 508 compliance.
Remediate issues
Prioritize and address accessibility barriers based on impact, focusing on issues that prevent users from accessing content or completing key tasks.
Validate through testing
Test improvements using a combination of automated tools and manual evaluation, including assistive technologies such as screen readers and magnifiers, to ensure real-world usability.
Maintain compliance over time
Integrate accessibility into design, development, procurement, and content workflows to sustain Section 508 compliance as systems and standards evolve.
Together, these steps help organizations move from one-time evaluation to sustained Section 508 accessibility.
What is a Section 508 audit?
A Section 508 audit provides a baseline evaluation of how well your ICT meets Section 508 compliance requirements. It is typically the first step in understanding your current level of Section 508 compliance and identifying accessibility gaps across websites, software, documents, and hardware.
Effective audits combine automated testing with manual expert evaluation. Automated tools can identify common issues, but many barriers—especially those affecting usability and assistive technology compatibility—require human review. Testing with assistive technologies such as screen readers and magnifiers helps reveal how users actually experience digital content and where breakdowns occur.
An accessibility audit evaluates how well your ICT meets Section 508 requirements by identifying gaps across websites, software, documents, and hardware. The findings from this evaluation are documented using the VPAT format to produce an Accessibility Conformance Report (ACR), which communicates how a product or system aligns with Section 508 accessibility standards.
After initial findings are addressed, the ICT is typically retested to validate improvements, and an updated ACR is created to reflect the current level of accessibility. Together, this process provides a clear, structured path to improving and demonstrating Section 508 accessibility over time.
What is a VPAT (Voluntary Product Accessibility Template)?
A Voluntary Product Accessibility Template (VPAT) is a standard document that can be used to describe how well a product or service meets Section 508 accessibility requirements. When completed, it becomes an Accessibility Conformance Report (ACR), providing a structured way to communicate how information and communication technology (ICT) conforms with key accessibility standards: Section 508, WCAG, and EN 301 549.
VPATs are commonly used in federal procurement and contracting. Agencies rely on them during procurement to evaluate whether products and services meet Section 508 compliance requirements before purchase, and to use them to discuss with vendors roadmaps for improving documented accessibility issues, making them a critical part of demonstrating accessibility in practice.
For organizations, a VPAT helps document conformance, identify gaps, and support transparency around Section 508 compliance. It is an output of testing and a reflection of how accessibility has been evaluated, documented, and implemented across digital systems.
Learn more about VPATs and how they support Section 508 compliance.
Section 508 compliance checklist
Most organizations start with these core steps to meet Section 508 compliance requirements and establish a strong foundation for accessibility:
Identify scope
Determine which websites, software, documents, and other ICT fall under Section 508 requirements across your organization.
Conduct an audit
Evaluate your ICT against Section 508 accessibility requirements to identify gaps and establish a baseline for 508 compliance.
Remediate issues
Prioritize and address accessibility barriers based on impact, focusing on issues that affect usability and task completion.
- Validate through testing
Test improvements using automated tools and manual evaluation, including assistive technologies, to ensure real-world accessibility.
Document accessibility
Use the Voluntary Product Accessibility Template (VPAT) to record test results in an Accessibility Conformance Report (ACR) to communicate conformance with Section 508 compliance requirements.
Monitor and maintain
Establish processes for ongoing testing, tracking, and improvement to sustain Section 508 compliance over time.
This Section 508 compliance checklist provides a starting point, but long-term success depends on integrating accessibility into how ICT is designed, developed, and maintained.
Learn more about the full Section 508 compliance checklist and how to apply these steps in practice.
Section 508 compliance requires ongoing processes
Section 508 compliance is not a one-time effort. Organizations need processes that support ongoing accessibility and accountability across their information and communication technology (ICT).
This includes the ability to:
- Document accessibility
- Maintain clear, up-to-date Accessibility Conformance Reports (ACRs)—that describe how ICT meets Section 508 accessibility requirements.
- Monitor accessibility over time
Continuously evaluate websites, software, documents, and systems to ensure accessibility is preserved as content, features, and technologies evolve.
- Provide issue reporting channels
Enable users to report accessibility issues and ensure those issues are captured, prioritized, and addressed effectively.
- Track remediation and progress
Maintain records of identified issues, corrective actions, and ongoing improvements to support sustained 508 compliance.
Section 508 accessibility depends on integrating these processes into how organizations design, develop, procure, and maintain ICT over time.
Need a Section 508 audit?
Understanding your current level of Section 508 compliance is the first step toward building accessible, usable digital experiences. An accessibility audit can help identify gaps across your websites, software, and documents, while a VPAT provides a structured way to document conformance with Section 508 requirements.
If you’re evaluating your accessibility baseline or preparing for procurement, Vispero’s Digital Accessibility Services experts can help with expert Section 508 audits, assistive technology-informed testing, and VPAT / ACR support.
Section 508 FAQ
What is Section 508 compliance?
Is Section 508 mandatory?
Who must comply with Section 508?
What are Section 508 requirements?
How does Section 508 relate to WCAG?
What is the Section 508 ICT refresh?
The Section 508 ICT Refresh is the 2017 update that aligned Section 508 requirements with WCAG 2.0 Level A and AA and established a consistent framework for evaluating accessibility across ICT. However, it has not been updated since, and its requirements are now out of date compared to newer standards such as WCAG 2.2 and recent regulatory updates.