I've always thought creating a shared key which rotates as soon as a single individual is added or removed is smart. There are security implications related to whose decryption key leaked, not sure if that's a legitimate threat model for almost any scenario though.