Skip to content

Early Access opens July 12 · $99/mo · all suites during the launch window · price locked through Q1 2027 · Join the waitlist →

← Back to Blog
Public-entity operator's brief · ADA Title II Final Rule · Post-deadline window

The ADA Title II deadline has passed — what a public entity actually does now.

acipta · Agent-based defensibility platform — workflow-grounded.

April 24, 2026 was the ADA Title II Final Rule large-entity compliance deadline. As of today, that's 21 days past. The Final Rule doesn't include a post-deadline grace period; what changes is what defensibility looks like in DOJ enforcement or private-suit context. Four moves matter — and the order they happen in matters more than how fast they happen.

Where we are · 2026-05-15 Large public entities (50K+ population): 21 days into the post-deadline exposure window.
Small public entities: April 24, 2027 deadline · 11 months remaining. Prep starts now if it hasn't already.

If you are a CIO, general counsel, or accessibility program lead at a covered public entity — state agency, county, large municipality, public university, school district, public hospital — and your April 24, 2026 audit didn't return a clean conformance verdict against WCAG 2.1 AA across every public-facing surface, you are not alone. Most large covered entities did not hit the deadline at full conformance. The Department of Justice didn't expect that they would. What the Final Rule established is a measurable standard for what good-faith conformance posture looks like in the post-deadline environment — and what defensibility against private suit requires when (not if) the demand letter arrives.

This brief covers the four moves that matter in the post-deadline window. The order is not arbitrary; it reflects what materially shifts your legal posture from "exposed and reactive" to "documented and forward-leaning." None of these moves require new budget. All four can begin today.

1.Preserve the record

Within 30 days of the deadline (so: by May 24, 2026 if you haven't done it already), snapshot the conformance state of your top-N public-facing surfaces. "Top-N" typically means the homepage, login pages, primary citizen-service workflows (pay a bill, file a form, find a meeting agenda, register), and any surface with measurable disability-population traffic. For each URL: rendered HTML, computed accessibility tree, browser-version metadata, automated-scan output (axe-core or equivalent), and any manual audit findings.

The reason: if a demand letter arrives 90 days from now alleging non-conformance on a specific URL, the plaintiff's evidence will be a scan run on a specific date. Your defense begins with a byte-identical capture of the same URL on the same date — what was actually there, in what state, with what evidence. Snapshots taken after the demand letter are reconstructions; snapshots taken now are records.

The procedural detail: store these snapshots in immutable, timestamp-able storage. Cloud object storage with versioning + a hash log is sufficient. The point is that opposing counsel cannot credibly allege the captures were re-rendered or altered post-hoc.

2.Run the audit you should have run

If your entity hasn't completed a per-success-criterion WCAG 2.1 AA audit on the top-N surfaces, do it now. Not "scan the homepage with WAVE and accept that as conformance evidence" — a real per-criterion audit. The federal mandate is unambiguous about what the standard is (28 CFR § 35.200-203 → WCAG 2.1 Level AA → 50 criteria). The question is whether your evidence is per-criterion (defensible) or per-page (not defensible).

The output of this audit produces three buckets per URL: (a) confirmed conforming, (b) confirmed non-conforming with documented finding, (c) requires further investigation. Bucket (b) feeds Step 3 (the remediation pipeline). Bucket (c) flags the highest legal risk because "we don't know" is the worst possible response to a demand letter.

If you don't have the internal capacity, engage a third-party accessibility auditor. The dollar figure for a defensible top-30-URL audit is generally $15K-$50K depending on entity complexity. That number is small relative to a Title II consent decree.

3.Produce the evidence (per criterion, signed at write time)

The decisive artifact in any post-deadline enforcement or litigation is per-success-criterion conformance evidence with provenance. Each WCAG verdict needs three properties to defend at deposition:

If your current accessibility stack is a quarterly third-party audit report PDF + a dashboard screenshot, you do not have this evidence quality. You have an attestation, which is the conformance equivalent of a posture. Plaintiffs' firms increasingly know the gap and price it into demand-letter math.

This is the durable shift from compliance automation to compliance intelligence: the question isn't "did we run a scan?" — it's "can we replay the verdict?" If a plaintiff's expert ran an automated scan on the same URL on the same date as your conformance pack, the per-criterion verdicts must reconcile. If they don't reconcile, the deposition is going somewhere uncomfortable.

4.Communicate the posture (publicly and internally)

Three communication artifacts matter:

A public-facing accessibility statement at /accessibility/ on your entity's primary domain. The statement references WCAG 2.1 AA as the standard, names the responsible accessibility program officer with contact information, describes the remediation pipeline with measurable milestones, and invites feedback. The DOJ has cited public-facing accessibility statements as evidence of good-faith effort in past consent decree mitigations.

Internal remediation pipeline documentation with named owners, milestones, and prioritization logic. The pipeline is the document a DOJ investigator or plaintiff's counsel will request. Make sure it exists, that someone with authority owns it, and that it shows measurable progress month-over-month.

Vendor communications — if any third-party SaaS or embedded component on your public-facing surfaces has accessibility findings, document the vendor SLA, the date you notified them, and their committed remediation timeline. Title II covers the entity, not the vendor — but vendor-introduced findings become your findings when they appear on your domain. A documented vendor-notification trail moves those findings into a "shared remediation" posture rather than an "unaddressed non-conformance" posture.

What this brief is and isn't: this is operational guidance from a team that builds accessibility-evidence infrastructure. It's not legal advice. Your general counsel or outside ADA counsel should review specific remediation timelines, vendor notifications, and any DOJ-facing communications before they go out. The framework here is what we see working in 2026 — but matter-specific decisions require matter-specific advice.

What "good" looks like 90 days from now

By mid-August 2026 — roughly 90 days post-deadline — a covered entity in defensible posture has: snapshotted records of the top-N surfaces as of the deadline, a completed per-criterion WCAG 2.1 AA audit of those surfaces, a documented remediation pipeline with at least 30 days of measurable progress, signed conformance evidence for any surfaces that have been remediated, and a public-facing accessibility statement that references the program.

That posture doesn't make demand letters go away. It changes the dollar at which they settle, and it changes whether a DOJ inquiry escalates to a consent decree or resolves with monitoring. The post-deadline window is where defensibility is built — not by hitting the original deadline retroactively, but by demonstrating measurable, evidence-backed forward motion from day 22 onward.

Frequently asked questions

Does the ADA Title II deadline get extended now that it passed?
No. The Final Rule does not include a grace-period mechanism after April 24, 2026 for large public entities. What shifts after the deadline is what "defensibility" looks like — pre-deadline, a documented remediation plan with measurable milestones was a defense; post-deadline, it's a mitigation, not a substitute for conformance.
What's the most common first move from plaintiffs' counsel post-deadline?
A demand letter referencing automated-scan output on a specific URL with specific WCAG 2.1 failures, offering settlement for a defined dollar amount plus attorney's fees and a remediation undertaking. Demand-letter volume picked up materially in late April and early May 2026.
Is good-faith effort still a defense post-deadline?
It's a mitigation, not a defense. A public entity that can demonstrate an active remediation program, a documented audit trail since the rule published in April 2024, and prioritization of high-traffic surfaces is in a materially better posture. The defense — to the extent it exists — runs through evidence quality, not posture.

Replay a verdict. Verify the hash. In 20 minutes.

Free 20-minute scan: bring a URL, leave with a signed per-success-criterion verdict against WCAG 2.1 AA + WCAG 2.2 AA. Same evidence pack a DOJ investigator or plaintiff's counsel would ask for — except it exists at write time.