AFAIK, you cannot directly parameterize a column name like this:
INSERT INTO table (@columnName = @value)
in SQL.
You could, however, build your SQL statement in your application code and just place the name in the SQL query string. However, you better be damn sure it's not possible for just anyone to trick your code into building an SQL statement that could destroy your database. This isn't exactly a secure way to do things by an stretch of the imagination.
You'd be better off using a CASE in the INSERT statement somehow to use the columnname parameter to select the correct column name, though I can't really say that it's even legal to do so. I don't have the time right now to look it up or test it.