Unless you're also using one of those subscription-as-a-service startups to host the payment forms, no, PCI compliance is on you with CIM. The payment information passes through your server, so you're 100% required to meet all 200+ of the requirements of the standard, quarterly scans of your servers, etc. Secure storage is only one small subset of the requirements.