- Immediately stop processing credit card transactions through the RI.gov Web site until state officials are sure the site is secure.

- Hire an outside security consultant to determine whether there are any other vulnerabilities in the site or in NEI's data-handling procedures and immediately correct them.

- Identify all consumers whose credit card or other personal data may have been compromised.

- Establish a way for those consumers to find out whether their data was compromised and provide a comprehensive credit card replacement, credit monitoring and credit rehabilitation program to anyone affected.

Neff said NIC is now drafting a written response to the state's demands and plans to comply with all of the demands.