QuitManager is the market-leading full data collection, management and reporting solution for any Stop Smoking Service.
QuitManager offers a comprehensive suite of tools allowing for full cycle management of patients’ care and support during their attempt to quit smoking.
Fully NHS Digital compliant reports are automatically generated for submission


  • Cloud based smoking cessation caseload management for ease of access
  • Referral pathway management and API connectivity for interfacing
  • Over 300 reports, dynamically created in realtime
  • Over 1,400 data fields as standard per episode of care
  • SMS integration, Appointment System and SMS reminders
  • Post code validation and lookups
  • Role access restrictions from Commissioner to Advisor
  • Provider invoice generation and management
  • Letter generation, medication requests automated via email or sms
  • Security conscious user access control and managementl that includes MFA


  • Automatically generates NHS Digital returns and quarterly reports
  • Pharmacotherapy management and reimbursement reporting
  • Intuitive wizard based format to guide advisors
  • LTP, Ottowa model and Vape compatible
  • Fully auditable for access and data manipulation
  • eVouchers for paperless medication requests
  • National Referral System integration for 360 pathway visibility
  • Graphical Dashboard for realtime reporting
  • Automated SMS streamlining services and keeping patients engaged
  • Fully customisable


£12,000.00 an instance

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Tell them what format you need. It will help if you say what assistive technology you use.


G-Cloud 13

Service ID

1 2 8 1 9 9 4 9 9 2 1 8 2 5 6


Telephone: 01283 753260

Service scope

Software add-on or extension
Cloud deployment model
Private cloud
Service constraints
No constraints
System requirements
  • Modern web browser
  • Internet access

User support

Email or online ticketing support
Email or online ticketing
Support response times
Standard support is Monday - Friday 9:00 - 17:30
User can manage status and priority of support tickets
Phone support
Phone support availability
9 to 5 (UK time), Monday to Friday
Web chat support
Onsite support
Support levels
Support is standard as part of the licence, with access to the support desk via phone or email, or ticketing portal if required. The support desk is available 9:00 to 17:30 Monday to Friday.

An account manager is assigned for each customer/QuitManager deployment
Support available to third parties

Onboarding and offboarding

Getting started
We include a training plan as part of the package. The training is a train the trainer approach designed to be cascaded down, and is broken down into different sessions for the different user types.
Training can be delivered virtually via MS Teams or can be delivered on site. User guides and training manuals are provided, and additional training days beyond the initial package can be purchased.
An initial familiarisation training session is also provided ensuring the services are comfortable using and testing the system prior to any deployment.
Service documentation
Documentation formats
  • ODF
  • PDF
  • Other
Other documentation formats
Word documents can be provided
End-of-contract data extraction
The system allows for full data extraction. Allowing users with the correct access levels to extract the data in a zipped file format. The data would then be presented in a series of csv files within the zip.
On top of this a full database backup is provided with the proprietary logic and functionality removed
End-of-contract process
At the end of the contract the data is handed back to the data owner with the service being able to run their own extracts. A backup database is also provided. Once the data has been returned and receipt acknowledged we will securely erase all data we held for the service.
At the end of the contract should the service wish to keep the site up and running with the data for extraction or validation purposes extensions can be purchased at a monthly rate.

Using the service

Web browser interface
Supported browsers
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
Application to install
Designed for use on mobile devices
Differences between the mobile and desktop service
The system is compatible with mobile interfaces, however only core pages for data entry have been optimised for mobile functionality.
Service interface
User support accessibility
None or don’t know
Customisation available
Description of customisation
The system has hundreds of configurable options for data capture and reporting. Many fields and drop downs can be added or amended via the administration area for users with the correct access permissions.
Additional data fields can be added if they are not already available and may require a request to the support team to enable.
There are multiple additional modules available for the service that can be requested and applied through the account manager or as part of the initial purchase.
Payment matrices, medication costs and pharmacotherapy can all be added to the system along with additional letters and templates.
Additional reports can be requested


Independence of resources
Data transfer and bandwidth resource is minimal, however reporting and data exports may be resource intensive.
Each instance runs on its own app pool and database, and if required, reporting functionality can be moved to a separate reporting site instance to ensure day to day user activity is not affected.

We provide cloud infrastructure with enough headroom to accommodate the numbers of potential users on our services. These resources are regularly reviewed, monitored for performance, and upgraded if necessary.


Service usage metrics
Metrics types
Historically we have provided reports on request using New Relic, and would be more than willing to look at options with any commissioning service.
Reporting types
Reports on request


Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance

Asset protection

Knowledge of data storage and processing locations
Data storage and processing locations
United Kingdom
User control over data storage and processing locations
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
‘IT Health Check’ performed by a CHECK service provider
Protecting data at rest
  • Physical access control, complying with another standard
  • Other
Other data at rest protection approach
Data is encrypted using Microsoft SQL Server Transparent Data Encryption (TDE), this fully encrypts data at rest using AES256bit encryption.
Data sanitisation process
Data sanitisation type
Deleted data can’t be directly accessed
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

Data export approach
The system has an inbuilt query builder allowing custom queries to be generated. The output is in csv format.
Role permissions can be defined so that non patient identifiable exports can be generated also, and export access in general can be restricted.
The system has exports for referrals and episodes of care, as well as the previously mentioned full zipped extract.
All reports and data extracts are available via the reporting section of the system.
We can also provide automated backup and extract transfer at an additional licence cost if required
Data export formats
  • CSV
  • Other
Other data export formats
  • Excel
  • PDF
Data import formats

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

Guaranteed availability
Rackspace our hosting centre provide a 100% network uptime guarantee and a 1 hour hardware replacement. 

All of our upgrades are performed out of working hours and the service will be notified prior to the upgrade taking place. 

In the last 6 years of hosting with Rackspace we can confirm have met a minimum of 99.8% uptime for our systems in working hours.
Approach to resilience
This information is available on request
Outage reporting
We use PRTG for service monitoring any outages which also incorporates email alerts

Identity and authentication

User authentication needed
User authentication
  • 2-factor authentication
  • Username or password
Access restrictions in management interfaces and support channels
User defined roles
Access restriction testing frequency
At least once a year
Management access authentication
  • 2-factor authentication
  • Username or password

Audit information for users

Access to user activity audit information
Users have access to real-time audit information
How long user audit data is stored for
At least 12 months
Access to supplier activity audit information
Users have access to real-time audit information
How long supplier audit data is stored for
At least 12 months
How long system logs are stored for
At least 12 months

Standards and certifications

ISO/IEC 27001 certification
Who accredited the ISO/IEC 27001
QMS International Ltd
ISO/IEC 27001 accreditation date
What the ISO/IEC 27001 doesn’t cover
The scope is for the delivery of online solutions
ISO 28000:2007 certification
CSA STAR certification
PCI certification
Cyber essentials
Cyber essentials plus
Other security certifications
Any other security certifications
NHS Digital Data Security and Protection Toolkit

Security governance

Named board-level person responsible for service security
Security governance certified
Security governance standards
ISO/IEC 27001
Information security policies and processes
We follow all processes in accordance with ISO 27001

Operational security

Configuration and change management standard
Supplier-defined controls
Configuration and change management approach
A) Details of the change will be submitted to the PM who will record a project issue in the Issue Register.

b) Change Control Note (CCN) completed and the CCN will be progressed with the change being authorised or rejected by the Project Board.

c) The PM will update the Issue Register, set ‘CCN Decision’ to ‘Rejected’ or ‘Authorised’.

d) If a change is rejected the PM will close the issue.

e) If change is authorised, the Delivery Manager will progress .

f) After live implementation the PM will set ‘CCN Implemented Live’ to ‘Yes’ and will close the issue.
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
We have our own Vulnerability and Patch Management SoPs that extend to the Rackspace environment. Rackspace manage the OS Layer.

Our Vulnerability management is handled through a Vulnerability Management Platform from Qualys. The platform identifies potential threats via an agent and categorises threats based on industry standard scoring system.

Critical vulnerabilities are dealt with within 24 hours, 14 days for important, 30 days for Medium, and 8 weeks for low.
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
We use anti-malware/virus and Intrusion Detection Systems to monitor and report potential security breaches.
Rackspace has a number of services such as PrevenTier, created together with network security specialists Arbor Networks and Cisco. It has been designed to add more layers of security between a customer’s network and malicious attacks.

We have Cisco firewalls with IDS and IPS. We also have Armor anywhere installed as a local IDS. Both of these platforms provide monitoring and alerting, incidents are investigated as part of within 24 hrs
Incident management type
Supplier-defined controls
Incident management approach
Bionical has numerous SoP's for incident managment.
ITS-SOP-GEN-008-v05 covers the standard process for handling incidents within Bionical Solutions.
Incidents can be raised by anyone within Bionical as well as it's client(s) with the relevant agreement. They can be raised by Telephone, Email, a monitored alert or in person.
The customer should be advised of the process, what will happen next and when they should expect to receive a call or email.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

Connection to public sector networks

Social Value

Fighting climate change

Fighting climate change

We are currently reviewing our environmental, sustainability and social value policy. However:
Bionical recognises and accepts its responsibility to minimise, wherever possible, its impact on the environment and to comply with all statutory environmental requirements.

The Company wishes to promote, amongst its staff and sub-contractors, an understanding of environmental issues.

Through properly developed and executed practices, The Company seeks to sustain and improve its own environment and contribute to the protection of the local, national and global environments.

Bionical is committed to making a positive impact through our environmental sustainability performance.
To enhance environmental and sustainability awareness among its staff and sub-contractors
• in the procurement of resources
• by provision of information, instruction and training.
To minimise;
• the consumption of resources
• the production of waste
• harmful emissions to air, land and water

Consideration will be given to the substitution of polluting substances with “greener” alternatives wherever possible. Steps will be taken to minimise smoke, dust, fumes, vapours, noise and vibration nuisance the potential for which will be identified during the risk assessment process.
To achieve these objectives policies will be adopted to cover areas of key environmental and sustainability importance.
Covid-19 recovery

Covid-19 recovery

As a company we are fully supportive of our staff and stakeholders with covid recovery.
We still encourage and allow remote working, and adapted a fully agile approach.
Social distancing is still encouraged within the office for those who wish to return, and sanitising stations are available throughout.
Our Employee Assistance Programme has been highlighted throughout and allows for confidential assistance for any staff member suffering with their mental health and wellbeing.
As a company Bionical provides Home Care Nurses who have worked throughout the pandemic.
The nature of our software, along with the National Referral System is tailored for taking support into the community and allowing the smooth transition of referrals, healthier individuals within the area.
The software is based around smoking cessation, and volumes of patients have increased with the pandemic. The software supports individuals becoming healthier.
Tackling economic inequality

Tackling economic inequality

Our software is all inclusive, from larger trusts to individual wellbeing services.

Our working ethic means no more geographical restrictions and we have a Virtual team all over the UK.

As an employer we offer apprenticeships and support the government kickstart campaign.

We are also partaking in the Government Apprenticeship Levy to support training for those within the company.
Equal opportunity

Equal opportunity

We are committed to promoting equal opportunities in employment. You and any job applicants will receive equal treatment regardless of age, disability, gender reassignment, marital or civil partner status, pregnancy or maternity, race, colour, nationality,ethnic or national origin, religion or belief, sex or sexual orientation (Protected Characteristics).

We have a full SoP covering our equal opportunities stance


At Bionical people matter, and we regularly receive updates and reminders for our own wellbeing.

Our confidential Employee Assistance Programme is available to all staff and their immediate families if they would prefer to talk to someone from outside of Bionical Solutions. Accredited counsellors and information specialists offer support and advice on health and wellbeing issues, as well as offering a counselling service and information on personal legal and financial matters. Support can be accessed via the telephone helpline. In addition to the call line, there is also an online service which doesn’t involve talking to someone but could be just as helpful.

Bionical also offers our Wellbeing Centre on BionicalPlus – a great source of information and advice on mental and physical health, advice on all kinds of things including debt management, exercise classes, recipes and more…


£12,000.00 an instance
Discount for educational organisations
Free trial available

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at Tell them what format you need. It will help if you say what assistive technology you use.