EVV Compliance: The Federal Foundation
Put This Into Practice
CareCade makes it easy to implement best practices for home care management.
The 21st Century Cures Act (2016) mandated Electronic Visit Verification (EVV) for all Medicaid-funded personal care and home health services. States had until January 2023 to implement, with flexibility in how they designed their systems.
The result: 50 different approaches to EVV compliance. If you operate in one state, you need to master one set of rules. If you operate across states—or plan to expand—you need software that handles the complexity.
What EVV Must Capture (Federal)
Every state's EVV must capture these six data points:
| Data Point | What It Means |
|---|---|
| Type of service | What service was provided |
| Individual receiving | Who received the service |
| Date of service | When service was provided |
| Location | Where service occurred |
| Individual providing | Which caregiver provided service |
| Start and end time | Actual service duration |
States can require additional data points beyond these six.
State EVV Models
Open Model
In open model states, providers can choose their own EVV vendor as long as it meets state requirements and integrates with the state's data system.
Pros:
- Flexibility to choose best-fit software
- Competition drives quality
- Can use same vendor across multiple functions
Cons:
- Integration requirements with state aggregator
- Must verify compliance yourself
- Multiple vendors may be in use
Open model states include: Washington, Texas, California (varies by MCO), and many others
Provider Choice Model
Similar to open, but with specific approved vendor lists or certification requirements.
States using this model: Florida, Ohio, others
Closed/State-Mandated Model
State selects the EVV vendor. All providers must use the designated system.
Pros:
- No vendor selection needed
- Compliance is straightforward
- Everyone uses same system
Cons:
- Limited flexibility
- May not integrate with your other systems
- Quality depends on state's selection
Hybrid Models
Many states use combinations—one approach for state-plan services, another for waiver services, or different rules by MCO.
State-by-State Requirements
Washington State
Model: Open choice
Aggregator: No central aggregator; providers submit claims through ProviderOne
Requirements:
- Six federal data points
- GPS or telephony verification accepted
- Claims submitted through ProviderOne
- DDCS has specific documentation requirements
Best practice: Use EVV integrated with ProviderOne export
CareCade compatibility: Full compliance with ProviderOne export
California
Model: Varies by program
For IHSS:
- Electronic Services Portal (ESP) or IHSS phone app
- Providers generally use state system
For Waiver services:
- Varies by MCO
- Provider choice within MCO requirements
Requirements vary by:
- County
- Managed care plan
- Service type
Texas
Model: Open choice with EVV aggregator
Aggregator: Texas EVV vendor (currently HHAeXchange-based)
Requirements:
- All six federal data points
- Must transmit to state aggregator
- Biometric verification encouraged
- GPS or telephony accepted
Key dates:
- Ongoing compliance monitoring
- Regular audit cycles
New York
Model: Mixed (varies by program)
For CDPAP:
- Fiscal intermediaries manage EVV
- Specific vendor requirements
For Licensed agencies:
- Provider choice with aggregator transmission
- eMedNY integration
Requirements:
- Six data points plus state-specific
- Visit verification within 72 hours
- Exception documentation
Florida
Model: Provider choice from approved list
Aggregator: Florida EVV vendor integration required
Requirements:
- Must use approved EVV vendor
- Real-time data transmission
- GPS or telephony
- Specific error tolerance standards
Ohio
Model: Open choice
Aggregator: Sandata integration
Requirements:
- Six federal data points
- Must transmit to Sandata aggregator
- Specific formatting requirements
- Regular compliance audits
Pennsylvania
Model: Provider choice
Aggregator: Varies by MCO
Requirements:
- Six federal data points
- MCO-specific integration requirements
- Regular compliance reporting
Illinois
Model: State-mandated vendor
Requirements:
- Must use state-designated system
- Limited provider choice
- Specific training requirements
Michigan
Model: Open choice with aggregator
Requirements:
- Community Health Automated Medicaid Processing System (CHAMPS) integration
- Six data points
- GPS verification preferred
Arizona
Model: Provider choice
Requirements:
- AHCCCS compliance requirements
- Six federal data points
- Contractor-specific rules may apply
Multi-State Compliance Strategy
If You Operate in Multiple States
-
Map your states' requirements
- Model type (open, closed, hybrid)
- Aggregator integration needs
- Specific data requirements
- Verification method requirements
-
Evaluate vendor compatibility
- Does your EVV vendor integrate with all required aggregators?
- Are there additional costs per state?
- What's the implementation timeline for new states?
-
Document compliance procedures
- State-specific workflows
- Training materials per state
- Audit preparation by state
Choosing Multi-State EVV Software
Questions to ask vendors:
- Which states do you currently support?
- What aggregator integrations are available?
- How do you handle state-specific requirements?
- What's the process to add a new state?
- Are there per-state pricing differences?
Warning signs:
- "We support all states" without specifics
- No clear aggregator integration path
- Same approach described for very different states
- Lack of state-specific compliance documentation
Common Compliance Pitfalls
Pitfall 1: Assuming One-Size-Fits-All
The mistake: Using the same EVV process for all states without checking state-specific rules.
The fix: Document each state's requirements and configure software accordingly.
Pitfall 2: Ignoring Aggregator Requirements
The mistake: Capturing data correctly but failing to transmit to state aggregator.
The fix: Verify aggregator integration is working before going live.
Pitfall 3: Incomplete Verification Methods
The mistake: Using GPS when state also requires telephony backup, or vice versa.
The fix: Know which verification methods your state accepts and configure appropriately.
Pitfall 4: Late Data Submission
The mistake: Capturing data but transmitting after state deadline.
The fix: Understand transmission requirements and automate where possible.
Pitfall 5: Inadequate Exception Documentation
The mistake: Having EVV exceptions without proper documentation for why.
The fix: Create clear processes for documenting legitimate exceptions.
Verification Methods by State Acceptance
| State | GPS | Telephony | Biometric | FOB/Fixed Object |
|---|---|---|---|---|
| Washington | Yes | Yes | Yes | Yes |
| Texas | Yes | Yes | Encouraged | Yes |
| California | Varies | Varies | Varies | Varies |
| New York | Yes | Yes | Some programs | Yes |
| Florida | Yes | Yes | Yes | Yes |
| Ohio | Yes | Yes | Yes | Yes |
Check current state guidance for latest requirements.
EVV Software Compliance Checklist
When evaluating EVV software for compliance:
Data Capture
- Captures all six federal data points
- State-specific additional fields supported
- Real-time capture (not post-visit entry)
- Offline capability with sync
Verification
- GPS verification included
- Telephony option available (if needed)
- Biometric available (if needed)
- Accuracy within state tolerances
Integration
- State aggregator integration available
- Direct claims submission OR export capability
- Scheduled transmission (not just manual)
- Error handling and resubmission
Documentation
- Audit-ready reports
- Exception documentation workflow
- Historical data retention
- Compliance dashboard
Support
- State-specific support knowledge
- Compliance updates communicated
- Implementation support for new states
Preparing for Audits
Documentation to Maintain
- EVV system configuration documentation
- Training records for caregivers
- Exception logs with explanations
- System uptime and reliability records
- Aggregator transmission logs
Common Audit Findings
- Visit time discrepancies — EVV vs. billing
- Location verification gaps — GPS failures without documentation
- Missing visits — Services billed without EVV
- Late submissions — Data transmitted after deadline
- Inadequate training — Caregivers not using system correctly
Audit Response Best Practices
- Respond promptly to audit requests
- Provide organized, complete documentation
- Explain exceptions clearly
- Show corrective action for issues
- Demonstrate systemic improvements
The Future of EVV Compliance
Trends to Watch
- Biometric becoming standard — More states encouraging or requiring
- Real-time monitoring — States want faster visibility
- AI anomaly detection — Automated flagging of unusual patterns
- Integration expansion — EVV linking to more health data
- Federal oversight increases — CMS monitoring state programs
How to Stay Current
- Subscribe to state Medicaid provider updates
- Join provider associations that track policy
- Work with vendors who monitor compliance changes
- Review requirements annually at minimum
EVV Compliance with CareCade
CareCade's EVV meets federal requirements and integrates with state systems:
- GPS + biometric verification
- Washington ProviderOne export
- Offline capability
- Compliance dashboard
For multi-state providers, contact us to discuss your compliance needs.