Mobile applications are revolutionizing our lives, and they have the very real potential to revolutionize our health care system for the better. Every day the mobile application and mobile health industries grow, but unfortunately the federal structure regulating mobile apps hasn’t been able to keep up. Worse, regulators seem to believe the old regulatory framework, created when most used typewriters and carbon paper, is well-suited to ensure mobile apps are safe and effective.

I am glad some in Congress are gearing up efforts to rewrite the decades-old framework, because a smart, risk-based regulatory structure can lower costs, improve health outcomes, and foster innovation that creates jobs.

A recent infographic created by Mobile Future noted that 95 million Americans already use mobile devices and health tools. More than 40,000 medical apps are currently available for tables and smart phones, and 247 million Americans have downloaded at least one of these health apps. This is the reality of our nation today: Americans are using and will continue to use mobile devices and mobile apps for health care purposes. Not only are these apps being used, but they are also a growing piece of America’s economy. Mobile Health is a $1.3 billion industry and is projected to reach $20 billion within just five years.

The federal regulatory structure for health IT was crafted and passed in the 1970s. This was the age of floppy disks and bell bottoms, not iPhones and 4G mobile broadband. Nearly four decades ago, the Food and Drug Administration was charged with regulating medical devices in order to protect safety and determine a device’s effectiveness. While bell bottoms may still be popular for a few, FDA has decided the 40-year old approach works well for new technologies, like mobile apps, that many do not consider to be a “medical device”.

Last year, the Department of Health and Human Services convened a panel of public and private sector experts who were charged with developing recommendations on an appropriate, risk-based regulatory framework for health IT. In their recommendations to the Department, the Workgroup highlighted multiple areas where the regulatory framework was “broken at the written law level.” Only Congress can change written laws that are broken.

Based on the Workgroup‘s findings, HHS is expected to release their recommendations to Congress and the public soon, and a likely recommendation from the report will highlight Congress’s need to update the law.

Fortunately, Senators and Representatives from both sides of the aisle are demonstrating their support for modernizing health IT regulations. In a time of unprecedented partisan gridlock, these leaders have shown that health IT is not a partisan issue. Legislators from across the country see how advanced technologies are becoming increasingly integrated in our daily lives, and understand the old way of regulating new technologies simply won’t work going forward.

But as Congress develops new health IT policies, it should be careful not to prejudge certain technologies or sectors of the industry. After all, the iPhone was far from existence when the FDA regulations for medical devices were created. How can we know what the most popular, or powerful, technology will be 40 years from now? Without a crystal ball, we can only work to craft regulations that are flexible enough for whatever innovations we haven’t even dreamed of yet.

There needs to be appropriate, risk-based oversight for health IT, and we hope the HHS report will recommend such a framework. Health IT has tremendous potential to improve patient care and lower health care costs, but we can only achieve these goals well with a new regulatory framework, crafted by Congress and signed by the president, that is modern and flexible enough for tomorrow’s technologies.

First, Congress must ensure current regulatory overlap and duplication is streamlined by creating a gatekeeper to farm technologies to the most appropriate regulator. Congress should update the definition of a Medical Device to reflect the evolving nature of medical technologies by differentiating between those that manage health information and those used to diagnose and treat patients. Second, technologies should be regulated based on their functionality and risk, with lower risk apps sent to contracted software experts who can judge whether the software does what it claims to do. Third, we must ensure approved apps are tracked post-approval for errors they may cause. Congress should create a collaborative mechanism for robust post-market surveillance that incentivizes safety and addresses adverse events quickly with a mix of punitive and non-punitive enforcement options.

Regulations as they stand were appropriate for 1970s America, but unfortunately cannot keep up with the pace of today’s innovations that are increasingly integrated into consumers’ daily lives. Congress must act to protect patient safety in a way regulators with their current tools cannot adequately do.

Joel White is the Executive Director of the Health IT Now Coalition.