TL;DR: State agencies fall under the DOJ’s 2024 ADA Title II rule with the same April 24, 2026 compliance deadline that applies to large local governments. The challenge is not the standard — it is the portfolio. A typical state runs hundreds of websites across dozens of agencies, each with its own CMS, vendor stack, and governance. Enterprise compliance requires governance structures that most states have not historically built.

The DOJ’s 2024 final rule implementing ADA Title II applies the same WCAG 2.1 Level AA requirement to every public entity covered by Title II, regardless of size. The compliance deadlines differ based on population served: April 24, 2026 for entities serving 50,000 or more, and April 26, 2027 for smaller entities. Every state government in the United States serves more than 50,000 residents. Every state agency is on the April 2026 timeline.

This article looks at what that means in practice — how state government obligations differ from those of large cities and counties covered in our local government 2026 deadline guide, and what governance structures state CIOs, CISOs, ADA Coordinators, and digital services teams need to put in place.

Same Rule, Different Problem

A large city or county under the rule typically operates 5 to 50 websites: a main municipal site, a few department sites, a transit or utility site, a permitting portal, a legislative or council site, perhaps a tourism site. A state government operates 100 to 1000 websites across:

  • The governor’s office and executive agencies (often 50 or more)
  • The legislature and legislative service agencies
  • The judiciary
  • State boards and commissions (sometimes hundreds)
  • Public universities and community college systems
  • State-affiliated authorities (toll roads, port authorities, lottery)
  • Constitutional officers (attorney general, treasurer, secretary of state)

Each agency has independently procured a CMS (often multiple — a typical state runs WordPress, Drupal, Sitecore, Squarespace, and several custom platforms simultaneously). Each has independently negotiated vendor contracts. Each has its own content team, its own design system or lack thereof, and its own historical PDF backlog.

The DOJ rule does not care about this complexity. The state is responsible for every web page operated by every covered entity.

Who Is Actually Responsible

Title II liability runs to the public entity. For most purposes that is the individual state agency, not the state as a whole — the Department of Motor Vehicles is liable for the DMV website, not the governor’s office. But practical compliance requires enterprise coordination because:

  • Agencies share infrastructure (the state hosting environment, the state CDN, the state identity provider)
  • Agencies share vendors (the same WCAG-failing chat widget often appears across dozens of state sites)
  • Agencies share staff (often a single team in the state CIO office supports multiple agency CMS deployments)
  • Reputational and political risk from a DOJ complaint is shared across the executive branch

Most successful state compliance programs sit somewhere between full centralization (one team owns all state sites) and pure federalism (each agency on its own). The common pattern is shared services with mandatory standards:

  • The state CIO office sets the technical standard, provides shared tooling, and runs enterprise monitoring
  • Each agency owns its own remediation work and its own content
  • A coordinating body (often the existing state ADA Coordinator network) handles policy alignment
  • Higher education systems usually operate as their own coordinating units

The Role of the State CIO

State Chief Information Officers have emerged as the central coordinating role for ADA Title II web compliance in most states. Typical CIO responsibilities under the rule:

  • Setting the technical standard. WCAG 2.1 Level AA at minimum; many states are adopting WCAG 2.2 Level AA directly.
  • Operating shared accessibility tooling. Enterprise scanning, monitoring, and reporting infrastructure.
  • Maintaining a state-wide inventory. A registry of every covered website with owner, platform, and compliance status.
  • Establishing procurement standards. Mandatory accessibility clauses in state IT contracts; see our VPAT and procurement guide.
  • Coordinating with agency ADA Coordinators. Translating technical findings into agency action.
  • Reporting to the governor and legislature. Periodic state-wide status reports.

In states without an empowered CIO function, this work falls to whatever coordinating body exists — often a digital services team, an enterprise content management office, or a state accessibility commission. Where no coordinating body exists, the result is consistently a fragmented program that meets the deadline in some agencies and misses it badly in others.

The Role of the State CISO

Web accessibility and web security overlap heavily. Both require:

  • A current inventory of all websites the state operates
  • A managed vendor stack with known versions
  • Continuous monitoring of public-facing properties
  • A defined incident and remediation workflow
  • Documentation sufficient to respond to federal inquiry

Chief Information Security Officers often own the inventory and the monitoring infrastructure even when they do not own accessibility per se. In states with mature CISA-aligned cybersecurity programs, accessibility monitoring tends to plug into the same governance, the same asset registry, and the same vendor management program. Accessibility and security are not the same discipline, but they share infrastructure, and states that integrate them succeed faster than states that don’t.

The Role of the Agency ADA Coordinator

Title II requires public entities with 50 or more employees to designate an ADA Coordinator. Most state agencies meet this threshold. The ADA Coordinator role under the new rule expands meaningfully:

  • Maintain the agency’s accessibility statement and grievance procedure
  • Monitor accessibility feedback from the public
  • Coordinate remediation work with IT and communications
  • Document the agency’s compliance program for federal inquiry
  • Liaise with the state CIO office and other coordinating bodies

ADA Coordinators historically focused on physical access and program access in employment, services, and benefits. Web accessibility is a newer and more technical area of responsibility. Most state ADA Coordinators need training to do this part of the job well, and many states are investing in that training in the run-up to April 2026.

Multi-Site Portfolio Challenges

Common state-wide problems that don’t exist at the single-agency level:

Inventory

Most states cannot produce a complete, current list of every website the state operates. Shadow IT — agency-procured cloud services, microsites stood up for specific campaigns, legacy applications kept alive without oversight — is endemic. The first project in any state-wide compliance program is usually six months of inventory work.

Vendor Concentration

A single non-conforming vendor product can produce simultaneous failures across dozens of state sites. A widely deployed accessibility overlay (which does not actually produce conformance), a chat widget that fails keyboard testing, a video player that does not expose captions to screen readers — each becomes an enterprise-scale problem.

Template Sprawl

The same agency often operates pages built on multiple templates dating from multiple redesigns. A WCAG failure in one template multiplies into hundreds or thousands of failing pages.

Document Backlog

A typical state hosts millions of PDF documents accumulated over decades. The archived content exception covers some of this, but agencies that have not categorized their PDF inventory cannot claim the exception. Building the inventory itself is a major project.

Federated Higher Education

Public universities and community colleges are covered by Title II, by Section 504 of the Rehabilitation Act, and by OCR enforcement patterns that are stricter than what most states have experienced. Most state higher education systems operate as their own coordinating units under the system office or board of regents, separate from the executive branch compliance program.

Governance Patterns That Work

Across the states that are well-positioned for April 2026, a few common governance patterns appear:

A Designated Executive Owner

A named senior official — usually the state CIO, sometimes the chief digital services officer, occasionally a deputy chief of staff in the governor’s office — owns the program. Without a single owner, accountability fragments and the program stalls.

A State-Wide Standard

Documented in a state administrative code or executive order: WCAG 2.1 Level AA (or 2.2), Section 508 for federal program-funded systems, specific procurement language, specific testing requirements. Codified standards survive administrative transitions.

Shared Tooling

Enterprise-licensed accessibility scanning, monitoring, and reporting infrastructure available to every covered agency. Per-agency procurement of these tools is expensive and produces inconsistent data.

A Coordinating Body

A regular meeting of agency ADA Coordinators, accessibility specialists, and IT representatives. Most states use an existing structure (an accessibility council, an enterprise architecture board) rather than creating new bureaucracy.

Transparent Reporting

Public-facing dashboards or annual reports on state-wide accessibility status. Transparency creates internal pressure that improves outcomes.

Training Programs

Mandatory web accessibility training for content creators, developers, and procurement staff across all covered agencies. Several states have built this into onboarding requirements.

What April 2026 Actually Looks Like

The DOJ rule deadline does not mean that on April 24, 2026 every state website must be perfect. It means that on April 24, 2026 every state website must conform to WCAG 2.1 Level AA, with a narrow set of defined exceptions (archived content, conventional electronic documents incorporated in court records under specific conditions, certain individualized password-protected documents, preexisting third-party content not posted by the public entity).

In practice, what regulators and plaintiffs will look for after April 2026:

  • A current, published accessibility statement on every state site
  • A documented accessibility program with an owner and a budget
  • A current third-party audit or continuous monitoring program
  • A remediation plan for known issues, with timelines
  • Procurement records showing accessibility evaluation
  • A working feedback channel and grievance procedure
  • A demonstrable training program

States that can produce these on demand will absorb individual complaints without escalation. States that cannot will become the test cases for the next decade of enforcement.

How Govzu Helps

Govzu provides the enterprise-scale monitoring state governments need to make a credible compliance claim across hundreds of websites. The platform inventories every domain and subdomain in the state portfolio, scans every page against WCAG 2.1 and 2.2 Level AA continuously, identifies shared vendor components creating cross-agency failures, and produces the state-wide reporting that CIO offices and accessibility councils use to coordinate remediation. With the April 2026 deadline approaching, Govzu gives state CIOs, CISOs, and ADA Coordinators a single source of truth for an obligation that spans every agency in state government.

ADA Title II state government 2026 deadline enterprise governance
All Resources
Share