BIONICAL SOLUTIONS GROUP LIMITED

QuitManager

QuitManager is the market-leading full data collection, management and reporting solution for any Stop Smoking Service.
QuitManager offers a comprehensive suite of tools allowing for full cycle management of patients’ care and support during their attempt to quit smoking.
Fully NHS Digital compliant reports are automatically generated for submission

Features

• Cloud based smoking cessation caseload management for ease of access
• Referral pathway management and API connectivity for interfacing
• Over 300 reports, dynamically created in realtime
• Over 1,400 data fields as standard per episode of care
• SMS integration, Appointment System and SMS reminders
• Post code validation and lookups
• Role access restrictions from Commissioner to Advisor
• Provider invoice generation and management
• Letter generation, medication requests automated via nhs.net email or sms
• Security conscious user access control and managementl that includes MFA

Benefits

• Automatically generates NHS Digital returns and quarterly reports
• Pharmacotherapy management and reimbursement reporting
• Intuitive wizard based format to guide advisors
• LTP, Ottowa model and Vape compatible
• Fully auditable for access and data manipulation
• eVouchers for paperless medication requests
• National Referral System integration for 360 pathway visibility
• Graphical Dashboard for realtime reporting
• Automated SMS streamlining services and keeping patients engaged
• Fully customisable

£12,000.00 an instance

Service documents

• Pricing document

  ODT

• Service definition document

  ODT

• Terms and conditions

  ODT

• Modern Slavery statement

  ODT

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info@bionical.com. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 13

Service ID

128199499218256

Contact

Mark Wrigley
01283 753260
info@bionical.com

Service scope

• Software add-on or extension: No
• Cloud deployment model: Private cloud
• Service constraints: No constraints
• System requirements:
  • Modern web browser
  • Internet access

User support

• Email or online ticketing support: Email or online ticketing
• Support response times: Standard support is Monday - Friday 9:00 - 17:30
• User can manage status and priority of support tickets: No
• Phone support: Yes
• Phone support availability: 9 to 5 (UK time), Monday to Friday
• Web chat support: No
• Onsite support: No
• Support levels: Support is standard as part of the licence, with access to the support desk via phone or email, or ticketing portal if required. The support desk is available 9:00 to 17:30 Monday to Friday.; ; An account manager is assigned for each customer/QuitManager deployment
• Support available to third parties: Yes

Onboarding and offboarding

• Getting started: We include a training plan as part of the package. The training is a train the trainer approach designed to be cascaded down, and is broken down into different sessions for the different user types.; Training can be delivered virtually via MS Teams or can be delivered on site. User guides and training manuals are provided, and additional training days beyond the initial package can be purchased.; An initial familiarisation training session is also provided ensuring the services are comfortable using and testing the system prior to any deployment.
• Service documentation: Yes
• Documentation formats:
  • ODF
  • PDF
  • Other
• Other documentation formats: Word documents can be provided
• End-of-contract data extraction: The system allows for full data extraction. Allowing users with the correct access levels to extract the data in a zipped file format. The data would then be presented in a series of csv files within the zip.; On top of this a full database backup is provided with the proprietary logic and functionality removed
• End-of-contract process: At the end of the contract the data is handed back to the data owner with the service being able to run their own extracts. A backup database is also provided. Once the data has been returned and receipt acknowledged we will securely erase all data we held for the service.; At the end of the contract should the service wish to keep the site up and running with the data for extraction or validation purposes extensions can be purchased at a monthly rate.

Using the service

• Web browser interface: Yes
• Supported browsers:
  • Internet Explorer 11
  • Microsoft Edge
  • Firefox
  • Chrome
  • Safari
  • Opera
• Application to install: No
• Designed for use on mobile devices: Yes
• Differences between the mobile and desktop service: The system is compatible with mobile interfaces, however only core pages for data entry have been optimised for mobile functionality.
• Service interface: No
• User support accessibility: None or don’t know
• API: No
• Customisation available: Yes
• Description of customisation: The system has hundreds of configurable options for data capture and reporting. Many fields and drop downs can be added or amended via the administration area for users with the correct access permissions.; Additional data fields can be added if they are not already available and may require a request to the support team to enable.; There are multiple additional modules available for the service that can be requested and applied through the account manager or as part of the initial purchase.; Payment matrices, medication costs and pharmacotherapy can all be added to the system along with additional letters and templates.; Additional reports can be requested

Scaling

• Independence of resources: Data transfer and bandwidth resource is minimal, however reporting and data exports may be resource intensive.; Each instance runs on its own app pool and database, and if required, reporting functionality can be moved to a separate reporting site instance to ensure day to day user activity is not affected.; ; We provide cloud infrastructure with enough headroom to accommodate the numbers of potential users on our services. These resources are regularly reviewed, monitored for performance, and upgraded if necessary.

Analytics

• Service usage metrics: Yes
• Metrics types: Historically we have provided reports on request using New Relic, and would be more than willing to look at options with any commissioning service.
• Reporting types: Reports on request

Resellers

• Supplier type: Not a reseller

Staff security

• Staff security clearance: Other security clearance
• Government security clearance: None

Asset protection

• Knowledge of data storage and processing locations: Yes
• Data storage and processing locations: United Kingdom
• User control over data storage and processing locations: No
• Datacentre security standards: Complies with a recognised standard (for example CSA CCM version 3.0)
• Penetration testing frequency: At least once a year
• Penetration testing approach: ‘IT Health Check’ performed by a CHECK service provider
• Protecting data at rest:
  • Physical access control, complying with another standard
  • Other
• Other data at rest protection approach: Data is encrypted using Microsoft SQL Server Transparent Data Encryption (TDE), this fully encrypts data at rest using AES256bit encryption.
• Data sanitisation process: Yes
• Data sanitisation type: Deleted data can’t be directly accessed
• Equipment disposal approach: Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Data importing and exporting

• Data export approach: The system has an inbuilt query builder allowing custom queries to be generated. The output is in csv format.; Role permissions can be defined so that non patient identifiable exports can be generated also, and export access in general can be restricted.; The system has exports for referrals and episodes of care, as well as the previously mentioned full zipped extract. ; All reports and data extracts are available via the reporting section of the system.; We can also provide automated backup and extract transfer at an additional licence cost if required
• Data export formats:
  • CSV
  • Other
• Other data export formats:
  • Excel
  • PDF
• Data import formats: CSV

Data-in-transit protection

• Data protection between buyer and supplier networks: TLS (version 1.2 or above)
• Data protection within supplier network:
  • TLS (version 1.2 or above)
  • IPsec or TLS VPN gateway

Availability and resilience

• Guaranteed availability: Rackspace our hosting centre provide a 100% network uptime guarantee and a 1 hour hardware replacement. ; ; All of our upgrades are performed out of working hours and the service will be notified prior to the upgrade taking place. ; ; In the last 6 years of hosting with Rackspace we can confirm have met a minimum of 99.8% uptime for our systems in working hours.
• Approach to resilience: This information is available on request
• Outage reporting: We use PRTG for service monitoring any outages which also incorporates email alerts

Identity and authentication

• User authentication needed: Yes
• User authentication:
  • 2-factor authentication
  • Username or password
• Access restrictions in management interfaces and support channels: User defined roles
• Access restriction testing frequency: At least once a year
• Management access authentication:
  • 2-factor authentication
  • Username or password

Audit information for users

• Access to user activity audit information: Users have access to real-time audit information
• How long user audit data is stored for: At least 12 months
• Access to supplier activity audit information: Users have access to real-time audit information
• How long supplier audit data is stored for: At least 12 months
• How long system logs are stored for: At least 12 months

Standards and certifications

• ISO/IEC 27001 certification: Yes
• Who accredited the ISO/IEC 27001: QMS International Ltd
• ISO/IEC 27001 accreditation date: 04/01/2022
• What the ISO/IEC 27001 doesn’t cover: The scope is for the delivery of online solutions
• ISO 28000:2007 certification: No
• CSA STAR certification: No
• PCI certification: No
• Cyber essentials: Yes
• Cyber essentials plus: Yes
• Other security certifications: Yes
• Any other security certifications: NHS Digital Data Security and Protection Toolkit

Security governance

• Named board-level person responsible for service security: Yes
• Security governance certified: Yes
• Security governance standards: ISO/IEC 27001
• Information security policies and processes: We follow all processes in accordance with ISO 27001

Operational security

• Configuration and change management standard: Supplier-defined controls
• Configuration and change management approach: A) Details of the change will be submitted to the PM who will record a project issue in the Issue Register.; ; b) Change Control Note (CCN) completed and the CCN will be progressed with the change being authorised or rejected by the Project Board.; ; c) The PM will update the Issue Register, set ‘CCN Decision’ to ‘Rejected’ or ‘Authorised’.; ; d) If a change is rejected the PM will close the issue.; ; e) If change is authorised, the Delivery Manager will progress .; ; f) After live implementation the PM will set ‘CCN Implemented Live’ to ‘Yes’ and will close the issue.
• Vulnerability management type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Vulnerability management approach: We have our own Vulnerability and Patch Management SoPs that extend to the Rackspace environment. Rackspace manage the OS Layer.; ; Our Vulnerability management is handled through a Vulnerability Management Platform from Qualys. The platform identifies potential threats via an agent and categorises threats based on industry standard scoring system.; ; Critical vulnerabilities are dealt with within 24 hours, 14 days for important, 30 days for Medium, and 8 weeks for low.
• Protective monitoring type: Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
• Protective monitoring approach: We use anti-malware/virus and Intrusion Detection Systems to monitor and report potential security breaches. ; Rackspace has a number of services such as PrevenTier, created together with network security specialists Arbor Networks and Cisco. It has been designed to add more layers of security between a customer’s network and malicious attacks.; ; We have Cisco firewalls with IDS and IPS. We also have Armor anywhere installed as a local IDS. Both of these platforms provide monitoring and alerting, incidents are investigated as part of within 24 hrs
• Incident management type: Supplier-defined controls
• Incident management approach: Bionical has numerous SoP's for incident managment. ; ITS-SOP-GEN-008-v05 covers the standard process for handling incidents within Bionical Solutions.; Incidents can be raised by anyone within Bionical as well as it's client(s) with the relevant agreement. They can be raised by Telephone, Email, a monitored alert or in person.; The customer should be advised of the process, what will happen next and when they should expect to receive a call or email.

Secure development

• Approach to secure software development best practice: Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Public sector networks

• Connection to public sector networks: No

Social Value

• Fighting climate change:

  Fighting climate change

  We are currently reviewing our environmental, sustainability and social value policy. However:; Bionical recognises and accepts its responsibility to minimise, wherever possible, its impact on the environment and to comply with all statutory environmental requirements.; ; The Company wishes to promote, amongst its staff and sub-contractors, an understanding of environmental issues. ; ; Through properly developed and executed practices, The Company seeks to sustain and improve its own environment and contribute to the protection of the local, national and global environments.; ; Bionical is committed to making a positive impact through our environmental sustainability performance.; To enhance environmental and sustainability awareness among its staff and sub-contractors; • in the procurement of resources; • by provision of information, instruction and training.; To minimise;; • the consumption of resources; • the production of waste; • harmful emissions to air, land and water ; ; Consideration will be given to the substitution of polluting substances with “greener” alternatives wherever possible. Steps will be taken to minimise smoke, dust, fumes, vapours, noise and vibration nuisance the potential for which will be identified during the risk assessment process.; To achieve these objectives policies will be adopted to cover areas of key environmental and sustainability importance.
• Covid-19 recovery:

  Covid-19 recovery

  As a company we are fully supportive of our staff and stakeholders with covid recovery.; We still encourage and allow remote working, and adapted a fully agile approach. ; Social distancing is still encouraged within the office for those who wish to return, and sanitising stations are available throughout.; Our Employee Assistance Programme has been highlighted throughout and allows for confidential assistance for any staff member suffering with their mental health and wellbeing.; As a company Bionical provides Home Care Nurses who have worked throughout the pandemic.; The nature of our software, along with the National Referral System is tailored for taking support into the community and allowing the smooth transition of referrals, healthier individuals within the area.; The software is based around smoking cessation, and volumes of patients have increased with the pandemic. The software supports individuals becoming healthier.
• Tackling economic inequality:

  Tackling economic inequality

  Our software is all inclusive, from larger trusts to individual wellbeing services.; ; Our working ethic means no more geographical restrictions and we have a Virtual team all over the UK.; ; As an employer we offer apprenticeships and support the government kickstart campaign.; ; We are also partaking in the Government Apprenticeship Levy to support training for those within the company.
• Equal opportunity:

  Equal opportunity

  We are committed to promoting equal opportunities in employment. You and any job applicants will receive equal treatment regardless of age, disability, gender reassignment, marital or civil partner status, pregnancy or maternity, race, colour, nationality,ethnic or national origin, religion or belief, sex or sexual orientation (Protected Characteristics).; ; We have a full SoP covering our equal opportunities stance
• Wellbeing:

  Wellbeing

  At Bionical people matter, and we regularly receive updates and reminders for our own wellbeing.; ; Our confidential Employee Assistance Programme is available to all staff and their immediate families if they would prefer to talk to someone from outside of Bionical Solutions. Accredited counsellors and information specialists offer support and advice on health and wellbeing issues, as well as offering a counselling service and information on personal legal and financial matters. Support can be accessed via the telephone helpline. In addition to the call line, there is also an online service which doesn’t involve talking to someone but could be just as helpful. ; ; Bionical also offers our Wellbeing Centre on BionicalPlus – a great source of information and advice on mental and physical health, advice on all kinds of things including debt management, exercise classes, recipes and more…

Pricing

• Price: £12,000.00 an instance
• Discount for educational organisations: No
• Free trial available: No

Service documents

• Pricing document

  ODT

• Service definition document

  ODT

• Terms and conditions

  ODT

• Modern Slavery statement

  ODT

Request an accessible format

If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at info@bionical.com. Tell them what format you need. It will help if you say what assistive technology you use.