The setup you described is not ideal. It would be better to implement a certificate authority and setup everyone with their own private-public keypairs. There are schemes where you would then grant access to a shared resource using ACLs at the application level or by having a symmetric key which is used for access and encrypted with each person's public key. You would then change these shared keys for any affected resource when someone leaves.

For a realistic scenario, let's talk explicitly about a security@example.com mailbox with PGP key "Example Inc. Security Team" (0xAAF00F00) where Bob, Alice, and Charlie (the team) have access to the mailbox, and PGP public/private keypair.

In your scenario, the shared keypair is not relevant. Even if they have their own keys, once its decrypted they have it. If you have an encrypted document and you have the key, and you leave with both it would not matter either because unlike with a paper document in a filing cabinet its trivial to make copies. If I leave the company, why do I still have access to the mailserver? If I do not have access and I still have the decryption key, I would have to break in and presumably defeat some other layers of security to even gain access to first decrypt it.

I would not recommend sharing the mailbox like this in general because there would be no accountability for who sent out an email or who read an email because they are technically sharing the identity. Better to have the message fed into a system with RBAC. Maybe you would them implement an HSM solution combined with certs/keys for access to the system and the decryption is owned by the system not the users.

Security needs to be applied in layers. Do not permit the thumb drives, make them log in through Citrix with all printing and copy and paste disabled, make it so the only way to get a copy of the data is by taking a picture (you could physically prohibit cell phones and cameras). The concern here is really the ability to copy digital data. You could implement some DRM based solutions potentially to address this as well, but DRM can be defeated and it doesn't prevent copying or screen caping.