This is my first session from the third day at the CSUN conference. This description of this session from the event guide says that “methods and techniques for developer valid, defensible claims of accessibility compliance in public sector procurements including VPATs and GPATs.” In my experience working with vendors of IT products and services, one thing I’ve learned is that while they may say they have a VPAT, we often provide the vendor with tips and guidance that they then sell right back to us! This is the first time I’ve been in a session put on SSB BART Group, I’m curious to see what they’re all about. The Arizona Wildcats pep team was outside making some noise, which was kinda fun.
- Tim Springer, SSB BART Group
- Matt Arana, SSB BART Group
SSB has been around for about 20 years, we’re a completely accessibility-focused group. They cover pretty much the gamut of technology platforms and have done a huge number of audits and reviews.
A compliance claim is “An official statement of compliance of [something] with a [standard/guideline]”
- Section 508 does not currently define a conformance claim process
- WCAG has a conformance claim process
Compliance claims are often used in procurement, regulatory, and litigation situations. Some causes for concern include claims without substance, claims against nebulous requirements and claims that are false.
Laws, Standards and Guidelines
- WCAG is published by W3C; there are two versions, 1.0 and 2.0.
- From the basis of most web accessibility standards, including 508
WCAG is strongly aligned with EU and 508 laws. 508 is purely a federal law.
CVAA (US) requires communication and video that go over the Internet to be accessible. Primarily targeted at communications software and equipment manufacturers, video service providers and producers of video content.
ADA is a US civil rights law, and application to IT is tricky. There are no technical standards for compliance.
Scope of Coverage: If it has to do with 1s and 0s, it may be impacted
- 508: all EIT
- ADA: public and employee facing EIT
- CVAA: Communications and video EIT
- May also see information and communication technology (ICT) used
Where are you selling, who’s buying, and what are the risks? These should be considered as part of your “go to market strategy.”
- VPAT is a registered trademark of the ITIC: Information Technology Industry Counsel
- Current version 1.3, ITIC accessibility policy page has this
- VPATs have been largely superseded by WCAG compliance claims, especially in the private sector.
- WCAG is likely to be globally harmonized on
- A GPAT is Government Product (or Service) Accessibility Template
- Takes general procurement language and puts it into a document that can be used. GSA quick links provides GPAT formats for procurement types; BuyAccessible Wizard can generate them de novo.
- Government may accept a VPAT in lieu of a GPAT
- While formatted differently, they contain materially the same information.
GPAT and VPATs look essentially the same, but GPAT includes more formalized details about total supported provisions (full, partial, not). This allows for easier scoring of products. However, the GPAT may not supersede the VPAT due to lack of awareness, and is more likely to be superseded globally by WCAG compliance claims. A healthy discussion followed about the trickier aspects of VPAT/GPAT statements of full | partial | not supported.
What are actually trying to do? Make it accurate, and it should be done by someone who understands both the system and accessibility. Have some documentation behind the process…claims should be well justified based on the demonstrable accessibility of your system. This is good from both a regulatory and sales perspective. So…you really should do some internal testing for audit purposes.
Auditing Requirements and Constraints
Technical Reqs (1194.21-1194.26), Functional Reqs (1194.31), and Support Reqs (1194.41). Automatic testing makes up about 25% of the actual testing you need to do on a product to ensure it’s accessible. Manual testing makes up close to 50% of that effort. Global testing makes up about 25% of total testing and represents systemic testing, i.e. error messaging, color palettes, etc. Technical testing is not easy, you need a lot of domain expertise to do it properly.
Technical testing is broken down each section into best practices. 508 testing is broken down into about 130 separate tests to make sure a tool’s sample pages are web-accessible. Functional testing involves real-world use cases tested by people with disabilities; can they accomplish the task in the use case?