Summary
EVV Cures 2.0 is a legislative proposal, not enacted law — but the technical direction it represents is already shaping the EVV software market, and the agencies best positioned for whatever it ultimately requires are the ones running platforms that exceed the current federal floor rather than meeting it exactly. The two most important capability investments relative to the EVV Cures 2.0 direction are biometric authentication support built into the EVV architecture and AI-powered anomaly detection that surfaces visit data irregularities before they reach billing rather than after they reach an auditor. If you’re looking for EVV software built to operate above the current minimum and ready for the technical standards EVV Cures 2.0 is moving toward, myEZcare is worth a serious look.
Introduction
The 21st Century Cures Act mandated electronic visit verification. It did not specify how states must implement it beyond six basic data elements. That flexibility was deliberate — and it’s also what EVV Cures 2.0 is specifically designed to address.
For home care agencies, the distinction matters more than it might appear.
The original Cures Act framework gave states wide latitude on EVV implementation models, which is why the national picture in 2026 looks like a patchwork of aggregators, mobile apps, and enforcement timelines that vary dramatically by state and sometimes by payer. EVV Cures 2.0 — the proposed amendments to the original legislation, also discussed as Cures 2.1 — would tighten that framework considerably. The bill’s sponsors have solicited stakeholder input from state Medicaid programs and long-term services and supports providers, and the proposed changes would strengthen the intent of the original law with potential updates to geographic tracking features, biometric verification requirements, and increased CMS oversight authority. None of this is enacted yet. But the EVV Cures 2.0 conversation is active, technically specific, and worth understanding before the technology requirements become compliance requirements. The agencies that engage with what EVV Cures 2.0 proposes now will not be scrambling to configure systems under a compliance deadline later.
What EVV Cures 2.0 Actually Proposes — and Where It Stands
EVV Cures 2.0 is not yet law. That’s the essential starting point for any operational analysis, and it’s important to say clearly because the policy conversation has moved faster than the legislative timeline. The 21st Century Cures Act itself is enacted law that has been driving state EVV implementation since 2020 for personal care services and 2024 for home health care services. EVV Cures 2.0 refers to proposed amendments that would expand and strengthen those existing requirements — and while the specific statutory text is not finalized, the stakeholder feedback process has produced a reasonably clear picture of what EVV Cures 2.0 is intended to address.
The core critique that EVV Cures 2.0 responds to is that the original law’s flexibility, while politically practical, has allowed states to implement EVV at dramatically uneven levels of rigor. A state using a simple telephony check-in system meets the same federal floor as one using GPS-verified mobile clock-in with real-time aggregator transmission. EVV Cures 2.0 discussions center on raising that floor — requiring more consistent technical standards for geographic verification, considering biometric identity confirmation to address identity fraud, and giving CMS clearer authority to establish and enforce uniform national standards rather than simply setting minimum thresholds that states must reach by their own means.
The FMAP penalty structure under the existing Cures Act also escalates through this period. For states that have not met home health care services EVV requirements, the Federal Medical Assistance Percentage is reduced by 0.75 percentage points in 2026 and by a full 1 percentage point in 2027 and beyond. That escalating penalty creates financial pressure that reinforces the EVV Cures 2.0 conversation even before the amendments are enacted — states that haven’t tightened enforcement are losing matching funds, which makes the political case for stronger federal standards easier to make.
Biometric Verification: The Identity Question EVV Has Always Carried
The most discussed and most contested element of EVV Cures 2.0 proposals is biometric verification — using fingerprint recognition, facial identification, or voice authentication to confirm caregiver identity at clock-in and clock-out rather than relying on a mobile device login. The fraud prevention rationale is straightforward: a caregiver who hands her phone to a family member to clock in for a visit that doesn’t happen defeats the purpose of GPS-verified electronic visit verification entirely. Biometric authentication eliminates that specific fraud vector by tying the identity confirmation to the caregiver’s physical presence rather than possession of a device.
The EVV Cures 2.0 biometric discussion has to be understood alongside a genuine and legitimate tension that patient advocacy groups and disability rights organizations have raised consistently. Clients receiving home-based care are interacting with caregivers in their own homes — an environment where surveillance technology raises privacy and dignity concerns that don’t apply in facility settings. Requiring biometric scans of caregivers in private homes creates questions about data collection, storage, and access that go beyond the technical implementation challenges. The EVV Cures 2.0 stakeholder process has surfaced these concerns directly, and any enacted legislation will need to address them with specific data use limitations and client consent frameworks.
For home care agencies thinking ahead, the EVV Cures 2.0 biometric question translates into a practical vendor evaluation criterion: does your EVV platform support biometric authentication as an optional feature, and does it handle the associated data — biometric templates stored locally versus in the cloud, data retention periods, access logging — in a way that will satisfy both HIPAA requirements and whatever privacy standards EVV Cures 2.0 ultimately includes? The agencies that don’t have to replace their EVV infrastructure to support biometrics are the ones that chose platforms with that capability in the architecture, not bolted on afterward.
Advanced Geo-Tracking: Beyond the GPS Stamp
Current EVV compliance under the original Cures Act requires location capture at the start and end of a visit. That’s a point-in-time GPS record — where the caregiver was when the clock-in happened and where they were when the clock-out happened. The EVV Cures 2.0 framework and the technology platforms already deployed ahead of it are pushing toward something more continuous: geofencing that triggers automatic alerts when a caregiver enters or departs a service address, and in some implementations, periodic GPS check-ins during the visit rather than only at the endpoints.
Geofencing-based EVV is already deployed in a meaningful portion of the market independent of EVV Cures 2.0’s legislative status. AI-powered EVV systems currently available combine GPS geofencing with machine learning anomaly detection — flagging patterns like visits that clock in at a service address but where the GPS trace shows the device leaving the address before the visit ends, or visits where clock-in and clock-out locations differ from each other and from the authorized service address. That level of location intelligence goes significantly beyond what the original Cures Act required and represents where the EVV Cures 2.0 conversation expects the technology to go as a national standard.
The operational implication for agencies is not just compliance readiness. More granular location data creates a richer operational intelligence layer than most agencies are currently using. Route efficiency, actual visit duration patterns, caregiver geographic density relative to client locations — that data exists in geo-tracking records and surfaces operational improvements that are entirely separate from the compliance function. Agencies treating EVV Cures 2.0’s geo-tracking expansion purely as a regulatory burden are missing the operational value that comes with the same infrastructure.
AI-Powered EVV: Already Ahead of the Legislation
The most consequential development in electronic visit verification isn’t in EVV Cures 2.0’s proposals — it’s in the technology that’s already deployed and operating well ahead of what any current or proposed federal standard requires. AI-powered EVV systems combine the six federally required data elements with biometric or voice authentication, machine learning anomaly detection, real-time geofencing, and predictive compliance monitoring in platforms that generate audit-ready documentation continuously rather than assembling it reactively.
The anomaly detection capability is particularly significant for what EVV Cures 2.0 is trying to accomplish. Rather than relying on manual audit review to catch billing irregularities, AI-enabled electronic visit verification systems identify patterns in visit data — visits that cluster at statistically improbable times, service durations that are inconsistent with the documented care plan, GPS traces that don’t match the expected route between check-in and client address — and surface them automatically for review before they reach the billing queue. That’s not a future capability. It’s what early-adopting agencies are running today, and it’s what EVV Cures 2.0 would push toward as a national baseline.
Here’s what the EVV technology capability spectrum looks like from current minimum to EVV Cures 2.0 direction of travel:
- Current federal floor — Six-element capture via mobile app, GPS point-in-time at clock-in and clock-out, transmitted to state aggregator
- Current advanced deployment — Geofencing alerts, offline mode with auto-sync, real-time aggregator transmission, exception reporting, integration with billing
- EVV Cures 2.0 direction — Biometric identity confirmation, enhanced geographic verification standards, increased CMS oversight of state implementation, higher national floor for technology standards
- AI-enabled frontier — Continuous anomaly detection, predictive compliance monitoring, machine learning pattern recognition, EHR integration, proactive fraud flagging before billing submission
The agencies running at level two today are in a significantly better position for whatever EVV Cures 2.0 eventually requires than the ones still operating at level one. The distance between level one and level three is a platform rebuild. The distance between level two and level three is a configuration update.
What Agencies Should Do Before EVV Cures 2.0 Is Enacted
The most expensive mistake agencies make with pending legislation is waiting for enactment before evaluating vendor readiness. EVV Cures 2.0 proposals have been in active stakeholder discussion long enough that EVV vendors worth evaluating have already developed positions on biometric support, enhanced geo-tracking capability, and AI-powered anomaly detection. Asking those questions now — before you’re selecting a new platform under a compliance deadline — gives you real information rather than sales language.
The specific questions that distinguish EVV Cures 2.0 readiness from basic compliance adequacy are: Does your EVV platform support biometric authentication, and how is biometric data stored and protected? What geofencing capabilities exist beyond point-in-time GPS capture, and can those alerts be configured by the agency? Does your anomaly detection run against visit data before billing submission, or after? And critically: when federal EVV standards change, what’s the vendor’s update timeline for matching the new technical requirements — and what’s in the contract about that timeline?
EVV Cures 2.0 will not be the last evolution in electronic visit verification standards. The trajectory from the original Cures Act through current enforcement and into whatever form Cures 2.0 takes is consistently in one direction: more granular verification, tighter technical standards, and greater CMS oversight authority. The agency that builds its EVV infrastructure around that trajectory — rather than the minimum current requirement — won’t need to rebuild it with each legislative cycle.
See how myEZcare’s EVV platform is built for where electronic visit verification standards are heading — with real-time geo-tracking, anomaly detection, state aggregator integration, and a compliance architecture designed for the next regulatory cycle, not just the current one. Schedule a free demo today.
