Thanks for sharing your experience. I've been quite concerned about PCI compliance implementation as well, especially regarding server provider, as they play a significant role in the process. They store, transmit and process data. I've found some helpful stuff in this article, you might find it...