Download your Section 508 Waiver
OK, seriously now, where can you get a Section 508 Waiver?
There is no waiver for Section 508 compliance. The Rehabilitation Act is a law. Section 508 is part of that law. Nobody gets a “pass” on complying with the law. Period. End of story. That being said, there are some legitimate reasons why a particular product or service will not conform to the provisions under Subpart B or Subpart C. In such cases the procuring organization would still be in compliance with Section 508. In other words: still no waiver. The exceptions are:
- Commercial Non-availability
- Undue Burden
- National Security
- Incidental to Contract
- “Back Office”
When procuring a product, each agency shall procure products which comply with the provisions in this part when such products are available in the commercial marketplace or when such products are developed in response to a Government solicitation. Agencies cannot claim a product as a whole is not commercially available because no product in the marketplace meets all the standards. If products are commercially available that meet some but not all of the standards, the agency must procure the product that best meets the standards. See: 36 CFR 1194.2(b)) and the FAR (at 39.203(c)
In short, “Commercial Non-availability” happens when there are zero products in the marketplace which meet business needs and is accessible. This does not mean that the agency can just throw their arms up and pick whichever product they want to because no product is fully-compliant. They must still pick the most accessible product that meets business needs.
Undue burden is defined as:
…an action that would result in significant difficulty or expense considering all agency resources available to the agency or component
36 CFR 1194.4 and FAR 39.202
Similar undue burden exceptions are found in other laws, such as the ADA. It is intended to protect the entity (in this case a Federal agency) from failure. In other words, in our pursuit of accessible EIC/ ICT, we can’t impose an unreasonable risk to the agency’s ability to perform its mission. The Internal Revenue Service (IRS) still has to collect taxes & disburse refunds, the Social Security Administration (SSA) still has to send social security checks, etc. and we can’t endanger that mission by imposing unreasonable demands. The reality is that there may sometimes be cases where it is unreasonably expensive or difficult to meet all of the requirements of Section 508. That being said, many people do not understand what constitutes an “undue burden”.
- You can’t claim undue burden because its inconvenient for you to find a compliant product
- You can’t claim undue burden because you’ll have marginal additional cost in bringing a system into compliance
- You can’t claim undue burden because you screwed up and chose the wrong product/ service
- You can’t claim undue burden because a compliant product is more expensive than a non-compliant one.
An Undue Burden is the type of thing that would cause such an expense or effort that it would pose an actual threat to the component or program’s ability to do business. This means it depends on the size of the agency or program within the agency. In practice, it also means that a compliant website or web-based application should never qualify for an undue burden exemption.
The process for claiming an undue burden is discussed in FAR 39.204(e)(2)(i). Under the FAR, the agency must document clearly identify why they are claiming undue burden and should clearly disclose the specific provisions which cannot be met, how expensive it would be to meet the provisions, the market research activities which lead to the conclusion, and so on. In addition, even under an undue burden the information and data must be provided to individuals with disabilities through an alternate means. In other words, undue burden does not mean you get to throw up your hands and walk away.
For example, if an agency wishes to purchase a computer program that generates maps denoting regional demographics, but determines that it would constitute an undue burden to purchase an accessible version of such a program, the agency would be required to make the information provided by the program available by alternative means to users with disabilities. Alternative means of access focuses on the provision of the information and data in an accessible manner — as opposed to the accessibility of the product itself. Census.gov
“National security system” means any telecommunications or information system operated by the United States Government, the function, operation, or use of which –
- Involves intelligence activities;
- Involves cryptologic activities related to national security;
- Involves command and control of military forces;
- Involves equipment that is an integral part of a weapon or weapons system; or
- Is critical to the direct fulfillment of military or intelligence missions. This does not include a system that is to be used for routine administrative and business applications, such as payroll, finance, logistics, and personnel management applications.
See: FAR 39.204(b) and 36 CFR 1194.3(a)
For the layperson: You’ll notice in the above that it should be readily obvious whether a system deals with National Security or not. In fact, in my opinion this is the easiest exemption to understand. The system being procured is either directly related to National Security or not.
Incidental to Contract
This is sort of where requirements for who is to comply in Section 504 and 508 diverge from one another most clearly. Section 504 “Follows the money” from the federal government, whereas Section 508 does not. A contractor’s workspace and those things (such as software or IDE) which are necessary to do the work or other tools of their trade are not required to comply with Section 508 at all. The catch here is that in practice those additional items may sometimes come under the ownership of the procuring agency, though less-so than things which are considered “Back Office”. To qualify as “Incidental” it must be something used solely by the contractor, never to be touched by a federal employee or public citizen ever, including after the final deliverable has been met by the contract (otherwise it would be a deliverable, too).
Products located in spaces frequented only by service personnel for maintenance, repair, or occasional monitoring of equipment are not required to comply with this part
While this exemption seems rather clear (at least to me), in practice it is often misunderstood. The important parts are that this product, no matter what sort of product it is, will never be accessed by anyone other than service personnel and only for maintenance, repair, or monitoring. What often gets people confused about the back office exemption is that the back office exemption takes three important things into consideration: The place, the person, and the purpose. The place must be that which is only frequented by the person (service personnel) for the specific purpose (maintenance, repair, or occasional monitoring. If any of these three things are not true, the exemption does not apply. Furthermore, if any of these three things changes, the exemption no longer applies, either.
What Have We Learned?
First and foremost, we’ve learned there is no such thing as a “waiver” for Section 508 compliance. The Rehabilitation Act is a law. If you’re conducting a procurement of EIT/ ICT for an Executive Branch agency of the Federal government, you’re required to comply with the law and that’s that. Still, there are some situations where a procurement can result in a deliverable that is not fully conforming to the provisions in Subparts B, C, or D and yet the procurement could still be “508 Compliant” due to a specific exemption. This is not, however, the same as the mythical “Waiver”.