Should I migrate from Win 7 to Win 10?

I am a medical professional and a NOOB, and all available practice management softwares (that are any good) use either Windows 10 or 7. Security Risk Analyses require all users upgrade to 10. Clinical operatory computers can safely (I assume) run 10, seeing as they will only be able to access the server and never the web. Front desk as well as business computers require access to insurances so as to verify benefits for each patient, and so I am considering these be running Windows 7.1 That is, one LAN cable will connect to the database server and another to the firewall, which will run BSD (either UnTangle or pfSense).
Is this system feasible, or should I simply run everything on 7.1 and to hell with any security updates, OR, run Windows 10 but never allow any computer to access Microsoft, which I will assume I can do at the firewall level?

At home I run Linux, with 10 set aside ONLY for programs not available in Linux, and then on that OS I have nothing installed in terms of personal info.

Your thoughts, and I thank you in advance.

In general, you should never run unmaintained software, especially no unmaintained operating systems.

Windows 10 comes in different variants for different purposes, e.g., Windows 10 IoT. So you should evaluate which variant fits your use case best.

The problem is that there is no THE SINGLE ONE LINUX. There are hundreds of different distributions with different levels of support and packages. Then, there are different release models.

Furthermore, many special purpose applications aren’t available for Linux distributions.

The problem is that there is no THE SINGLE ONE LINUX.

Andreas Lundqvist (initially), Muhammad Herdiansyah (continued), Fabio Loli (continued) [GFDL 1.3], via Wikimedia Commons

Quick little lesson : Linux is itself just a kernel (Imagine it, as the main bone structure), and on itself, you are free to develop your Operating System based on it. (And as you can see, quite a lot of people did just that).
That´s kind of the same thing for BSD, as it´s not like only one company like Microsoft which is authorized to develop versions.

Indeed, we know this, of course. Your image just supports our statement: There is no THE SINGLE ONE LINUX. This why blanket statements like “Just migrate from Windows to Linux” don’t help.

What distro do you use?

The correct term is GNU/Linux. The kernel is part of the operating system.

Abandon Windows and move to Ubuntu. Don’t question it just do it

I think any distro of Linux would be better than Windows If you are a beginner I would go for Mint or Manjaro.

To answer the question of the title, “How to secure Windows 10?”, my answe is to delete it and install a Linux variant that suits your needs.

Kidding. Sort of.

The computer that has the patient files, the database server i assume, that machine should run either Linux/BSD for maximum security.

The machine running the proprietary medical software can run Win7 or Win10, but best to upgrade to Win10 for security updates. To run outdated software that is vulnerable to exploits as a business is irresponsible imo.

Your firewall as you said can run Untangle or pfSense, which is fine.

This is a good reason for computer security concerning medical:
https://www.itgovernance.co.uk/blog/what-can-we-learn-from-the-nhs-digital-data-breach

I would suggest that you hire a proper MSP (with a focus on privacy/security) to deploy you a proper network. No sense in just dumping it all in Linux then spin up Win10 or Win7 VMs to host your windows specific applications. While that may afford you the privacy you want, you wont be able to do the proper testing to ensure that your defenses are up and actually working.

Yes. Definitely, with Win7 you’re still facing serious security issues.
Yes, Win10 still sucks but sucks less - which is important.

The problem is that most of the default Linux security setups are really horrible. Yes, you can set up reasonably secure Linux/*BSD box…but usually ain’t nobody got time for that.
The defaults are mostly really bad.

To continue the topic a bit more, Having a WMR headset, and feeling the craze for VR content following Half-life : Alyx reveal, I´ve sadly had to reinstall W10 has this headset is only supported there (pretty obvious tho).
I´ve tried those Windows 10 roms http://ameliorated.info which are heavily debloated of Windows stuff, and got quite an extensive lot of privacy patches into it.
Not good for my use case, as Windows Update is definitely blocked, and the WMR parts, removed from the latests .isos, but should be quite helpful for others.
The latest .isos downloads and torrents can be found on their Telegram group.