What is AcuityCore?
AcuityCore is AcuityCare's integrated HCBS (Home and Community Based Services) operations platform — purpose-built for IDD (Intellectual and Developmental Disabilities) agencies and Medicaid waiver providers.
Traditional IDD agencies operate across a fragmented landscape: one system for EVV, another for billing, a separate tool for care plans, and spreadsheets holding it all together. AcuityCore replaces that patchwork with a single, unified platform where every module — from visit verification to AI risk scoring to HIPAA-encrypted email — shares the same secure data layer.
Every component is built to the regulatory standards of Medicaid HCBS waivers, including 1915(c), CES Waiver, and PASSE programs. AcuityCore is HIPAA-compliant by design, SOC 2 Type II certified, and maintained against real-time changes in state and federal regulation through its built-in StateRules library.
AcuityCore exists so that agency staff spend less time managing systems and more time delivering care. When compliance, documentation, billing, and verification all live in one platform, the friction between direct service and back-office operations disappears.
What problems does it solve?
Who is AcuityCore built for?
AcuityCore serves every role in an IDD/Medicaid agency — from direct support professionals in the field to compliance officers in the back office. Each role has a tailored experience within the platform.
How to use AcuityCore
AcuityCore runs on iOS, Android, and web — each surface optimized for its context. Field staff work primarily in the mobile app; supervisors and back-office staff use the web portal.
Access and authentication
Every AcuityCore account is protected by AuthCore, the platform's multi-factor authentication and SSO module. On first login, staff are enrolled in MFA — either via a TOTP authenticator app or a FIDO2 hardware key or passkey. Agencies using Microsoft Azure AD can enable SSO so staff sign in with their existing organizational credentials.
Agencies can configure FIDO2 passkey-only login — staff authenticate using biometrics (Face ID, fingerprint) with no password to remember or phish. This is the most secure configuration and is available on iOS, Android, and supported browsers.
Daily workflows by role
Open the AcuityCore app and authenticate via Face ID or TOTP. Navigate to your assigned consumer's visit. On arrival, tap Check In — CareEVV captures your GPS coordinates, timestamps the start of service, and syncs to the server (or queues offline if no signal is available).
During the visit, record service notes, medication administrations (MedLogic), and any incident observations. On departure, tap Check Out to close the EVV record. The completed visit is automatically queued for supervisor review and billing.
Use PlanBuilder on web or tablet to create or update a consumer's NCTP (Non-Clinical Treatment Plan) or MMP (Medication Management Plan). Plans are built using structured templates aligned to state documentation requirements. Risk assessments from RiskCore — covering Health & Safety, Behavioral, Medication, Environmental, Elopement, and Falls — link directly into the plan.
Collaborative co-authoring is supported; multiple team members can work on different sections simultaneously. Version history is maintained and every approval is time-stamped with the reviewer's identity for audit purposes.
Supervisors receive push notifications via NotifyCore when visits are flagged for review — late check-ins, GPS mismatches, or missed visits. The supervisor exception workflow in CareEVV allows authorized supervisors to document the reason for an exception and approve or reject visits before they move to billing.
InsightAI surfaces risk alerts on the supervisor dashboard: consumers with high recoupment risk scores, documentation gaps, and trends that may flag during an audit.
BillingCore automatically aggregates approved EVV visits, cross-references the consumer's active waiver authorization, and generates claim batches. StateRules validates each claim against the applicable state payer rules before submission — catching errors that would cause denials.
InsightAI assigns each claim a recoupment risk score (0–100). High-risk claims are flagged for documentation review before submission. Remittances are imported and matched to claims automatically; unmatched remittances are surfaced for billing staff review.
CompliCore provides a continuous audit readiness dashboard showing documentation completeness, authorization utilization, and compliance gaps by consumer, staff member, and program. All records — care plans, visit logs, medications, authorizations — are immutably logged in AWS QLDB, the same tamper-evident ledger used in financial services.
When an auditor requests records, CompliCore generates an audit package — a time-stamped, cryptographically verified export of all relevant records for the audit period — in minutes rather than days.
Complete module guide
AcuityCore's 13 modules are purpose-built for specific operational domains but share a unified data model — so data entered in one module is automatically available across all others.
| Module | Category | What it does | Who uses it |
|---|---|---|---|
| CompliCore | Compliance | Audit management, documentation completeness monitoring, multi-state regulation enforcement, and audit package generation. | Compliance officers, administrators |
| WaiverOps | Operations | Waiver program management for 1915(c), CES, and PASSE programs — authorization tracking, eligibility verification, and service coordination. | Program directors, case managers |
| CareEVV | Visit Verification | Geo-validated Electronic Visit Verification with offline mode (AES-256 encrypted on-device), supervisor exception workflow, and state-agency data export. | DSPs, supervisors, billing |
| MedLogic | Medication | Electronic medication administration records (eMAR), refill tracking, interaction alerts, and MMP documentation linked to PlanBuilder. | DSPs, nurses, case managers |
| InsightAI | AI / Analytics | Azure OpenAI–powered risk intelligence scoring recoupment risk 0–100 per claim, surfacing documentation gaps and audit exposure across the consumer population. | Compliance, billing, administrators |
| RiskCore | Risk Management | Six standardized risk assessment types: Health & Safety, Behavioral, Medication, Environmental, Elopement, Falls — all integrated into PlanBuilder. | Case managers, nurses |
| PlanBuilder | Care Planning | Unified NCTP and MMP plan authoring with collaborative editing, outcome tracking, and approval workflow with full version history. | Case managers, supervisors |
| StateRules | Regulatory | Multi-state compliance library that automatically applies state-specific billing codes, prior authorization requirements, and documentation standards by jurisdiction. | Billing, compliance, system |
| BillingCore | Revenue Cycle | Full Medicaid RCM — claim generation from EVV, prior auth cross-checking, submission, remittance reconciliation, and denial management. | Billing specialists, administrators |
| EngageCore | Consumer Portal | Secure consumer and family portal with real-time access to care plans, visit logs, medication records, and two-way secure messaging with the agency. | Consumers, families, case managers |
| ConnectCore | Interoperability | FHIR-compliant data exchange layer for connecting AcuityCore to EHRs, state MMIS systems, and health information exchanges. | IT, system integrators |
| NotifyCore | Notifications | Multi-channel push notification delivery via APNs (iOS), Firebase (Android), and WebSocket. Supports actionable notifications with deep-link routing. New in v5. | All roles |
| MailCore | Secure Email | HIPAA-compliant encrypted email via AWS SES with BAA coverage, end-to-end encryption, audit logging, and KMS-managed keys. New in v5. | All roles |
| AuthCore | Authentication | MFA with FIDO2 passkeys, TOTP, and Azure AD SSO. Platform-wide identity and access management with role-based permissions. New in v5. | IT, administrators |
| HIPAAShield | Compliance Framework | Full HIPAA compliance framework — ePHI encryption (AES-256, TLS 1.3), immutable audit trails (AWS QLDB), BAA management, and breach notification workflows. New in v5. | Compliance, IT, administrators |
| BrandCore | White Label | Custom agency branding — logo, color palette, typography, and subdomain — so staff and consumers see your agency's brand throughout the platform. New in v5. | Administrators, IT |
How waiver providers use AcuityCore
Waiver providers operating under 1915(c), CES Waiver, or PASSE programs have a defined set of federal and state obligations that AcuityCore is specifically engineered to fulfill — from EVV to prior authorization tracking to Medicaid claims submission.
This section is written for agencies that hold a Medicaid HCBS waiver provider agreement — including 1915(c) Home and Community Based waiver providers, CES (Children's Extended Services) waiver providers, and PASSE (Provider-led Organized Care) participants operating in Arkansas and similar state programs.
Core waiver workflows in AcuityCore
EVV mandate compliance in detail
The 21st Century Cures Act (Section 12006) requires states to implement EVV for all Medicaid-funded personal care services and home health services. CareEVV is designed to satisfy these requirements in full across all states where AcuityCore operates.
Medicaid billing specifics for waiver providers
Waiver providers face unique billing requirements compared to standard Medicaid providers. AcuityCore's BillingCore and StateRules modules handle the specifics:
Waiver compliance is built in, not bolted on
Every workflow in AcuityCore was designed around the specific operational and regulatory requirements of HCBS waiver programs — not adapted from a general healthcare platform.
Compliance built into every layer
AcuityCore's compliance coverage spans federal regulations, state waiver requirements, and data security standards — enforced at the platform level so agencies don't have to manage compliance as a separate function.
HIPAA compliance
HIPAAShield is AcuityCore's platform-wide HIPAA compliance framework. It operates across every module — not as an add-on, but as a foundational layer that governs how all ePHI is handled.
SOC 2 Type II
AcuityCore undergoes annual SOC 2 Type II audits conducted by independent third-party auditors. The audit covers the Trust Services Criteria for Security, Availability, and Confidentiality — providing agencies with a verifiable, documented assurance of platform controls. SOC 2 reports are available to prospective and current agency partners under NDA.
Immutable audit trails
All clinical, operational, and compliance records are written to AWS QLDB (Quantum Ledger Database) — a fully managed ledger database that provides a cryptographically verifiable, immutable record of every change made to every document. This means no record can be altered or deleted without the alteration itself being permanently recorded — a standard previously available only to financial institutions, now applied to HCBS documentation.
With CompliCore, responding to a Medicaid audit request — which traditionally takes days of manual record compilation — is reduced to minutes. CompliCore generates a complete, time-stamped audit package with cryptographic verification for any date range and any set of consumers or staff.
Getting started with AcuityCore
AcuityCore is deployed and configured by the AcuityCare implementation team. Typical agency onboarding takes 4–8 weeks depending on agency size, data migration complexity, and number of active waiver programs.
The AcuityCare implementation team conducts a structured discovery session to document your agency's waiver programs, billing configurations, consumer population, staff roles, and current software stack. AcuityCore is then configured to your state's specific billing codes, waiver types, and documentation templates.
Consumer records, authorization data, staff profiles, and historical billing data are migrated from your existing systems. ConnectCore's FHIR layer supports standard import formats from most major HCBS platforms. Custom migration scripts are available for non-standard exports.
AcuityCare delivers role-specific training for each staff group: DSPs receive a mobile app orientation focused on EVV and visit documentation; case managers are trained on PlanBuilder and RiskCore; billing staff receive BillingCore and InsightAI training. Training is available in-person, remote, and via self-paced video modules.
Agencies run AcuityCore in parallel with existing systems for 2–4 weeks, verifying that EVV records, billing outputs, and care plans match expected results. Upon sign-off from agency leadership, the production cutover is executed. AcuityCare support staff are on-call during the go-live period.
Post go-live support includes a dedicated account manager, access to the AcuityCare support portal, and proactive notifications when StateRules is updated for regulatory changes affecting your programs. Annual platform reviews ensure your configuration stays current as your agency's programs evolve.
Ready to see AcuityCore for your agency?
Request a personalized demo with your program types, consumer population, and state — we'll show you exactly how AcuityCore maps to your operations.