WCAG 2.2 AA · Legal Protection · Built for Healthcare
Your Website Is a
Lawsuit Waiting
to Happen.
You probably don't know it yet. Most medical spa and healthcare practice owners find out the hard way — when a certified letter arrives demanding $5,000 to $25,000, with 30 days to respond.
The Problem
Here's what's actually happening.
There are law firms whose entire business model is scanning the internet for websites like yours. Automated. Every day. Thousands of sites at once.
When they find violations — and they will — they send a demand letter. You settle quietly or you go to court. Either way, you pay.
In 2025 alone, over 5,000 website accessibility lawsuits were filed in the US. On top of that, an estimated 35,000 to 50,000 demand letters were sent and resolved privately — never making the news. That's roughly ten demand letters for every lawsuit actually filed.
Healthcare and medical providers are one of the fastest-growing targets. It's not a trend. It's an industry. And it's accelerating.
- Bots scan Law firms run automated scanners across thousands of sites a day.
- Violations found Your site gets flagged — no contrast, no labels, no statement.
- Demand letter A certified letter arrives: $5K–$15K, 30 days to respond.
- You pay Settle quietly or fight in court. Either way, it costs you.
Why You're Exposed
Your web agency never built for this. Almost none of them do.
96% of local business websites fail basic accessibility standards. That's not a coincidence — it's because almost no marketing agency or web design studio specializes in ADA compliance. They build what looks good. Compliance is an afterthought, if it's a thought at all.
The result: your site probably has the same six violations that trigger 96% of all ADA lawsuits.
- Missing alt text on images
- Low color contrast on text
- No accessibility statement
- Unlabeled form fields
- Empty buttons and links
- No keyboard navigation
And if your agency installed an accessibility overlay widget thinking that would cover it — it won't hold up. Over 1,000 businesses with overlay plugins installed were still sued in 2024. The FTC fined one of the biggest overlay providers $1M in 2025 for misleading compliance claims.
Overlays mask the problem. They do not fix it.
The Hard Way
This is what fixing it looks like the traditional way.
First you hire an accessibility consultant to audit your site. Then you go back to your agency — or find a developer who understands compliance — to remediate the violations. Then you manage that whole project. Then you get it validated. Then you set up regular monitoring cycles, because every time a new page goes live or your marketing team makes a change, you might be exposed again.
Months of back-and-forth. Multiple vendors. On a website you don't fully control. On a CMS that can silently break compliance overnight with a single plugin update.
Most practices don't do any of this until the letter arrives. By then the damage is already done.
- Audit Hire a consultant to scan your site
- Remediate Find a developer to fix the violations
- Manage Juggle multiple vendors and timelines
- Validate Re-test the whole site for conformance
- Monitor Every new change re-exposes you
What We Do Instead
We take the whole thing off your plate. Permanently.
We don't audit your broken site and hand you a report. We replace it.
We build you a clean, fast, minimal website from scratch — designed to do one thing: give your patients exactly what they need to contact you or book. No bloated plugin stack. No CMS that can break compliance overnight. No AI-generated blog nobody reads.
Less is more. A single focused page does more for a practice than a sprawling site with dozens of subpages that confuse visitors and create compliance exposure at every turn.
We certify it to WCAG 2.2 AA — the highest enforceable standard — and publish the audit results directly on your site. Anyone checking, including plaintiff attorneys, sees a site that is documented, timestamped, and protected.
Then we lock it. Every change goes through us. Compliance stays intact.
You run your practice. We run your website.
The Math
One demand letter costs more than years with us.
Here's what most practices don't realize — the settlement is only the beginning. After you pay to make the lawsuit go away, your site is still non-compliant. Which means you still have to fix it. You pay twice: once to settle, once to remediate.
| Cost | Demand Letter Path | With Castara |
|---|---|---|
| Settlement | $5,000–$25,000 | — |
| Attorney fees | $3,000–$15,000 | — |
| Remediation after settlement | $2,000–$10,000+ | — |
| Ongoing monitoring | Additional cost | Included |
| Total exposure | $10,000–$50,000+ | $999 setup + $499/mo |
One demand letter — settlement, legal fees, and remediation combined — can cost more than a decade with us.
What You Get
Simple. Fast. Protected.
-
Legal Protection
WCAG 2.2 AA certified build. Published audit results on your site. Timestamped version history. Documented defense if anyone comes knocking.
-
Built to Be Found
Schema markup so Google, Bing, and AI assistants like ChatGPT and Perplexity read your practice correctly. Your hours, services, and location show up everywhere.
-
Built to Convert
Every section has one job: make your visitor call or book. No distractions. No friction. Just action.
-
Can't Break
No CMS login. No plugin updates silently breaking compliance. Every change reviewed by us before it goes live.
-
Managed Monthly
Up to 5 change requests per month. We implement, verify conformance, and push live.
-
Built for Speed
Static files, no bloat, sub-second mobile load times. Fast sites rank higher and convert more of the patients who find them.
How It Works
From zero to protected in 7 days.
-
A 15-minute call
Tell us your services and what you want patients to do. That's the whole brief.
-
We build it
Clean code, your brand, conversion-focused copy, schema markup, accessibility statement.
-
We certify it
Full WCAG 2.2 AA audit. Results published on your site.
-
We deploy it
Live and protected within 7 business days.
-
We manage it
Monthly updates, compliance maintained, ongoing.
Pricing
Straight to the point.
Standard
$999 setup$499/mo
Billed annually. Everything included. Cancel anytime.
- WCAG 2.2 AA conformant build
- Schema & AI-ready markup
- Manual + WAVE audit published on your site
- GitHub version control
- Enterprise-grade hosting
- Up to 5 changes per month
Enterprise
Custom
For multi-location practices and larger healthcare groups where a single page isn't enough.
- Multiple location pages
- Custom design system
- Advanced schema architecture
- Dedicated account manager
- Priority SLA
- Full WCAG 2.2 AA throughout
No hidden fees. No upsells. No surprises.
For the Technical Folks
Under the hood.
- Hand-coded static HTML / CSS / JS — zero CMS, zero plugins, zero dependencies
- Built to WCAG 2.2 AA — exceeds the DOJ-mandated WCAG 2.1 AA minimum
- Manual + WAVE audit — results published as a live page on your domain
- Version-controlled via GitHub — every change timestamped and auditable
- Enterprise-grade hosting — sub-second mobile load times
- Schema markup (LocalBusiness, MedicalBusiness, Service, FAQPage) — AI and search ready
- Accessibility statement published on your domain from day one
This is the standard most developers don't build to, because it takes longer and costs more. We build nothing else.
Honest Answers
Questions you're probably asking.
Yes. ADA Title III covers "places of public accommodation," and federal courts have consistently held that includes business websites. It applies in all 50 states regardless of your size. Healthcare and medical providers are one of the fastest-growing categories of targets, and that's expected to keep climbing.
No — and this one is dangerous. Overlay widgets sit on top of your site and try to patch problems in the browser. They don't fix the underlying code. Over 1,000 businesses with overlays installed were still sued in 2024, and in 2025 the FTC fined one of the biggest overlay providers $1M for misleading compliance claims.
Worse: a widget is a public signal that you know about accessibility but haven't actually fixed it. Plaintiff scanners specifically flag sites running overlays. Real protection lives in the code.
Honestly — yes. A determined serial plaintiff can send a letter to almost anyone. No website is "lawsuit-proof," and any company that promises otherwise is selling you the exact thing the FTC has already fined people for.
What compliance changes is the size of the problem. With a documented, timestamped, audited WCAG 2.2 AA site, your attorney can respond with proof of conformance and the claim typically goes nowhere — often resolved with a single response letter instead of a drawn-out fight. That usually means a few hundred dollars in legal time rather than a $5,000–$25,000 settlement, plus fees, plus still having to rebuild your site afterward.
We don't make you untouchable. We make you the hardest, least worthwhile target on the list — and we hand you the evidence to shut a claim down fast.
Because remediating a bloated WordPress or page-builder site is slow, expensive, and temporary. You patch it, then a plugin update or a new blog post quietly breaks it again. We build a clean, minimal static site from scratch — no CMS, no plugins, nothing that can silently fall out of conformance. It's usually faster and cheaper than fixing the old one, and it stays fixed.
That's the point — and it's a feature, not a limitation. A single well-meaning edit (a new image without alt text, a pasted block with bad contrast) can reintroduce a violation and undo your protection without you knowing. So there's no dashboard to break. You send us changes — up to 5 a month — and we implement them, re-verify conformance, and push them live. Your compliance stays intact permanently.
It's documented, timestamped evidence of conformance that anyone can see — including a plaintiff's attorney running a scan. It demonstrates good faith and active effort, which is exactly what makes you a poor target. Combined with version-controlled code history, it gives your lawyer something concrete to respond with if a claim ever comes in.
Typically within 7 business days of our 15-minute kickoff call. We write the copy, build the site to WCAG 2.2 AA, run the audit, and deploy. You're protected from day one.
We maintain it. Standards evolve — WCAG moved from 2.1 to 2.2, and there will be future versions. Because your site is on our managed plan, we update it to stay current as the bar moves. You don't have to track any of it.
Ready?
One demand letter costs more than 3 years with us.
Leave your details and we'll review your site before we call. No pitch. No pressure. Just straight answers.