The U.S. Department of Health and Human Services has been warned by its inspector general that it might not be ready to implement adequate privacy protections for what has been called the largest proposed electronic dossier on Americans by Oct. 1. That’s when the new federal database is supposed to be ready to go for a major stage in the implementation of the Patient Protection and Affordable Care Act.

Sen. Orrin Hatch, R-Utah, has rightly asked the Government Accountability Office to report on the “security and privacy of the data being exchanged” on the new system, known as the Federal Data Hub.

Obamacare puts the federal government in the insurance business through the operation of state and federally run exchanges from which individuals and companies can purchase federally defined but privately issued health insurance policies, designed to extend health coverage to millions now without it. Qualified applicants can obtain federal subsidies to buy such policies.

The Obamacare law authorizes the government to create personal files on anyone who wants to participate in the new health-insurance-for-all system it, as well as those who work for the program.

These files will include personal information supplied by the Internal Revenue Service and a flock of other federal programs, as well as state and private- sector records.

Millions, and potentially hundreds of millions, of Americans will find their most intimate personal information stored in one central place on government computers. Critics reasonably contend that it will be accessible by thousands of people.

The “personally identifiable information,” including health records, tax filings and other sensitive information, will be available not only to contractors hired to sign people up for the program but also to law enforcement personnel interested in prosecuting fraud.

But HHS has not yet completed tests of the security of the information being processed and stored by the Federal Data Hub, as required by law.

As the agency’s inspector general has warned, there is a major danger that the Hub will actually be placed in service in six weeks without adequate privacy protection.

Even if the new system meets the specifications of federal law, it will represent a new level of federal intrusion into personal privacy.

That’s one more reason to question Obamacare’s expansion of the federal role in health care.

So is the issue of data security. Last year 3.6 million South Carolinians lost to a hacker their personal data stored at the state Department of Revenue, making them vulnerable to identity theft and monetary losses.

Maybe the federal government can do better.

But the state’s experience hardly encourages the notion that Washington’s files are unassailable.