Throughout this course, you will be “working” as the Risk Manager for a 2 year old start up. The startup started as a SaaS based platform that initially provided its customers with a complete weight-loss and fitness program tailored to the individual user, but has expanded to fitness apparel under the logo MMS. MakeMeSlim is privately held, but is interested in going public sometime in the future. In 2 short years, MakeMeSlim has expanded from its 2 founders, who are still substantially involved, to over 300 employees. Some additional facts:
MakeMeSlim collects information about its users, including:
Name, address, health issues, current weight, goal weight, and food preferences
Credit Card Information for a monthly charge
MakeMeSlim uses a third party hosting site and Google Analytics to collect additional information about Users.
MakeMeSlim has been using a third party to handle its credit card information.
MakeMeSlim was started by 2 sisters, and as the company has grown they have hired mostly family for the top management positions.
The clothing line is designed by a third party, but created and sold by MMS.
The distribution center is located in North Carolina, but the company’s main headquarters is in Philadelphia, PA.
As MMS grows, it has been brought to the attention of the C-Suite that manufacturing the product in Asia would be more cost effective. Aside from the obvious tax issues, etc., consider the risks of moving such a large portion of the manufacturing overseas. Particularly consider issues of data transfers, intellectual property rights and international data privacy laws. In a memo to the C-Suite, address these risks and any other additional risks you believe the company should consider before deciding to move operations. You are welcome to consider the current domestic political climate, geo-political issues and PR. Be sure to completely and fully examine the risks, provide legal support (where applicable), and any real-life examples.