While the federal government has mobilized to squash the Y2K bug, with spending now projected at more than $8 billion to make computer systems ready to operate in the Year 2000, about a quarter of the federal health and safety programs administered by states lag on repairs, a new report shows.

"We've got to worry about whether the states are going to get done," John A. Koskinen, chairman of President Clinton's Year 2000 council, said yesterday. "The fact that we're done with our computer systems doesn't do us a lot of good if a state can't run its share of the program."

The federal government depends on the states to deliver services for 10 key domestic programs, from child nutrition aid to Medicaid and welfare assistance. A snapshot of Year 2000 computer readiness in the states was made public for the first time Tuesday in an Office of Management and Budget report.

The OMB report also included new numbers on the rising costs of battling the Y2K bug, now estimated at more than $8 billion, up from $2.3 billion in February 1997 and over $1 billion more than just three months ago. The report attributed much of the recent run-up in costs to repair efforts at the Defense Department.

The report disclosed decisions on some of the ideas being considered inside the administration to deal with the Y2K problem.

After studying suggestions from members of Congress and some companies that the government move its New Year's holiday from Dec. 31 (Friday) to Jan. 3 (Monday), OMB said the Year 2000 council decided that shifting the holiday would be "unwise, since it would require extensive reprogramming of systems to account for the change that would only add to the burden of Year 2000 work."

The report reflects some uncertainty about the status of federal programs that rely on state computer systems to deliver benefits and services. Some states--such as Pennsylvania, South Dakota and West Virginia--are ahead of others, the report said, while a number of states did not provide information or reported that they would not wrap up their computer fixes until late this year.

A handful of states, for example, reported that they would not finish work on their Medicaid systems until December and would not complete Y2K repairs on computer systems handling food stamps, the WIC nutrition program and child support enforcement until November, the OMB report said.

Some federal and state officials, however, stressed that the OMB's information was from three to six months old and said it is too early to judge the risks facing federal-state programs.

The report, for example, projected Rhode Island will finish its Medicaid work in December, but Barbara Weaver, the state's chief technology officer, said yesterday that the repairs will be completed by June 30 and that testing for undetected errors will be finished in August.

"One of the big problems is that the states operate very complex systems. It is hard to get a handle on what is going on. Each state is different," said Gary G. Christoph, the top technology official for the federal Medicare and Medicaid programs.

But House members monitoring Year 2000 technology issues, led by Reps. Stephen Horn (R-Calif.) and Constance A. Morella (R-Md.), remain concerned that federal agencies will not have enough time to properly test programs if their "partners"--state and local governments, vendors, contractors, banks and others--do not finish their repairs soon.

Computer fixes finished late in the year pose a "major risk," said Joel C. Willemssen, a General Accounting Office expert on Year 2000 technology issues. In November and December, "you're crunched up against the clock," with little time for elaborate tests aimed at ensuring that state and federal agencies can properly exchange data, he said.

"It is increasingly clear that if there are any risks, it will be on the side of the partners and not the federal government," Koskinen said.

The Year 2000 computer glitch, popularly known as Y2K, stems from the use in many systems of two-digit date fields, leading many computers to interpret "00" as 1900, not as 2000. That could cause systems to transmit bad data, malfunction or crash, according to industry experts.

In the OMB report, federal agencies said 93 percent of their "mission critical" systems are Y2K-compliant. Horn praised that progress at a Tuesday news conference but noted that, out of 43 programs OMB has identified as crucial to public health and safety, only two are ready to operate on Jan. 1: those for Social Security and the National Weather Service.

The agencies behind the other 41, he said, have not completed tests to ensure that fixes were properly made or have not finished preparing backup plans to cover unexpected computer problems.

Deidre A. Lee, OMB's acting deputy director for management, said, "It's fair to say that those people are not finished with contingency plans." But, she stressed, "we are working toward completion."

CAPTION: John A. Koskinen, head of the president's Year 2000 council, is concerned about the states' preparedness.